The following lines in /etc/rc.d/rc.firewall.inet_sharing-2.4 don't seem to be of use to me and I would like to remove them.

    # Allow dhcp requests
    iptables -A INPUT -i eth0 -p udp --sport bootpc --dport bootps -j ACCEPT
    iptables -A INPUT -i eth0 -p tcp --sport bootpc --dport bootps -j ACCEPT
    iptables -A INPUT -i eth0 -p udp --sport bootps --dport bootpc -j ACCEPT
    iptables -A INPUT -i eth0 -p tcp --sport bootps --dport bootpc -j ACCEPT

    # Allow dns requests
    iptables -A INPUT -i eth0 -p udp --dport domain -j ACCEPT
    iptables -A INPUT -i eth0 -p tcp --dport domain -j ACCEPT

I believe the reason the DHCP requests are allowed is because I thought I would use the Mandrake connection sharing wizard at first but decided not to now, as it complicates using Samba with my Windows machine.

Correct me if I'm wrong, but the DNS requests line looks like it's accepting DNS requests from eth0 on TCP and UDP. I can't for the life of me figure out why I would want to do this. I only have two machines. One is running Mandrake 8.0 (not a DNS server) and a Windows machine that is sharing the connection of the Mandrake box (ppp0). As long as the DNS server entries are inside of the Windows networking setup, then I shouldn't be accepting DNS queries for any reason, should I?

I'm also writing my own firewall by hand with iptables to learn the ins and outs of how it works. When I finally have it finished, can I just place it in /etc/rc.d/rc.firwall to have it executed on boot?
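An added example, not part of the original message: one way to check the question raised above, whether an INPUT ACCEPT rule serves anything, is to compare each rule's destination port against the sockets actually listening on the box. The rules are the ones quoted in the message; the listener list (a box running only Samba) and the helper names port_of and unused_accepts are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: list INPUT ACCEPT rules whose destination port has no local listener.

# Rules quoted in the message above.
RULES='iptables -A INPUT -i eth0 -p udp --sport bootpc --dport bootps -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --sport bootpc --dport bootps -j ACCEPT
iptables -A INPUT -i eth0 -p udp --sport bootps --dport bootpc -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --sport bootps --dport bootpc -j ACCEPT
iptables -A INPUT -i eth0 -p udp --dport domain -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --dport domain -j ACCEPT'

# Constructed listener list ("proto port" per line): a box running only Samba.
LISTENERS='tcp 139
udp 137
udp 138'

# Translate the service names used in the rules to port numbers (hypothetical helper).
port_of() {
    case "$1" in
        bootps) echo 67 ;;
        bootpc) echo 68 ;;
        domain) echo 53 ;;
        *)      echo "$1" ;;   # already numeric
    esac
}

# Usage: unused_accepts "$LISTENERS" < rules   (hypothetical helper)
# Prints every INPUT ACCEPT rule whose proto/--dport pair has no listener.
unused_accepts() {
    while read -r line; do
        case "$line" in
            *"-A INPUT"*"-j ACCEPT"*) ;;   # only inspect INPUT ACCEPT rules
            *) continue ;;
        esac
        proto=$(printf '%s\n' "$line" | sed -n 's/.* -p \([a-z]*\).*/\1/p')
        dport=$(printf '%s\n' "$line" | sed -n 's/.*--dport \([^ ]*\).*/\1/p')
        if [ -z "$proto" ] || [ -z "$dport" ]; then continue; fi
        port=$(port_of "$dport")
        printf '%s\n' "$1" | grep -qx "$proto $port" || printf '%s\n' "$line"
    done
}

# With the Samba-only listener list, all six rules are reported.
printf '%s\n' "$RULES" | unused_accepts "$LISTENERS"
```

Queries that the Windows machine sends to outside DNS servers are forwarded traffic and traverse the FORWARD chain, so they do not depend on these INPUT rules. DHCP runs over UDP only, so the two tcp bootps/bootpc rules are reported for any listener list that a DHCP daemon would produce.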
