Many example scripts seem to flush first and then set the policy. Is it not better to set the policy before flushing?
For, otherwise, according to section 7.1 of the Packet Filtering HOWTO, the policy could end-up being ACCEPT, albeit only for a moment. Aurelio.
