On Sun, 2007-10-28 at 21:54 -0600, Clint Savage wrote: > > In general, I agree with this. But whatever you use, make sure > iptables has a debugging mode where everything is logged before > dropped. It's likely you will be able to look at your logs, see what > is being dropped, and make changes to fix it. > > I'd like to point out that what Gabe suggest is good, but only for a > temporary *troubleshooting* or validation that rule actually works. > The logging that iptables does is *very* verbose. Do one LOG rule at > a time is my motto.
I'd *also* like to point out that what Gabe suggests is good. Furthermore, I'd like to point out that: (temporary *troubleshooting*) == (debugging mode). :) Back to whatever it was I was doing. Gabe /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
