I have a problem with iptables: in fact I can't drop or deny accesses on a PC used as a gateway which provides internet connectivity, from the inet side (read: the external interface).

I use these rules:

    iptables -P INPUT DROP
    iptables -A INPUT -i $EXTIF -s 0.0.0.0/0 -d $EXTIP -p tcp --dport ** -j DROP

I put the stars (**) only 'cause I don't like to reveal information about my LAN.

$EXTIF is the external interface (eth1)
$EXTIP is the IP address of my dialup connection (ppp0)

Now, I set the DROP command both in the chain policy and in the rule I wrote above, but various scan software reveals that port as "OPENED", and many connection tests I made from another computer allowed me to connect to that service!

Anybody know what's goin' on?

Thank you

The Crow
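Added example, not part of the original post: a first-match walk over `iptables -S INPUT` style rules, showing which rule (or the chain policy) decides a new TCP packet arriving on a given interface. A rule bound to eth1 never matches traffic that arrives on ppp0, and an earlier ACCEPT wins over a later DROP. The function name `verdict`, the address 203.0.113.5, port 8080 and the ruleset are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Walks `iptables -S INPUT` style
# rules in first-match order for one new TCP packet. Understands only
# -i, -d, -p, --dport, -j and the implicit "-m tcp"; a rule using any other
# option is counted as not matching (a simplification).

# verdict IFACE DST_IP PORT < rules
# prints "<TARGET> rule <N>" for the deciding rule, or "<POLICY> policy"
verdict() {
    v_if=$1 v_ip=$2 v_port=$3 policy=ACCEPT n=0
    while read -r line; do
        set -f; set -- $line; set +f          # split the rule into words
        case "$1" in
            -P) if [ "$2" = INPUT ]; then policy=$3; fi; continue ;;
            -A) if [ "$2" != INPUT ]; then continue; fi; shift 2 ;;
            *)  continue ;;
        esac
        n=$((n + 1)) match=1 target=
        while [ $# -gt 1 ]; do
            case "$1" in
                -i)      [ "$2" = "$v_if" ] || match=0 ;;    # arrival interface
                -d)      [ "${2%/32}" = "$v_ip" ] || match=0 ;;
                -p)      [ "$2" = tcp ] || match=0 ;;
                --dport) [ "$2" = "$v_port" ] || match=0 ;;
                -m)      [ "$2" = tcp ] || match=0 ;;
                -j)      target=$2 ;;
                *)       match=0 ;;
            esac
            shift 2
        done
        # Only terminating targets end the walk; anything else falls through.
        case "$match:$target" in
            1:ACCEPT|1:DROP|1:REJECT) echo "$target rule $n"; return 0 ;;
        esac
    done
    echo "$policy policy"
}

# Constructed ruleset: 203.0.113.5 and port 8080 are placeholders.
RULES='-P INPUT DROP
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 8080 -j ACCEPT
-A INPUT -d 203.0.113.5/32 -i eth1 -p tcp -m tcp --dport 8080 -j DROP'

# Packet arriving on ppp0: the earlier ACCEPT decides, the eth1 DROP is never reached.
printf '%s\n' "$RULES" | verdict ppp0 203.0.113.5 8080
```

Feeding it the real output of `iptables -S INPUT` and the interface the dialup address actually lives on shows whether the DROP rule or something ahead of it is deciding the packet.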
