On Tuesday, May 07, 2013 11:59:49 PM Paul Gear wrote:
> On 05/08/2013 02:50 PM, [email protected] wrote:
> > On Tuesday, May 07, 2013 06:19:01 PM Tom Eastep wrote:
> >> Then your firewall was *NOT* open from the net.
> >
> > Well then why does it *say* everything is open?
>
> It doesn't. There's a DROP policy by default on every chain. It's only
> open for traffic on the eth0 & lo interfaces.
But notice that for every chain these are accept all?
INPUT
104 10002 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate RELATED,ESTABLISHED
FORWARD
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate RELATED,ESTABLISHED
OUTPUT
98 6364 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
ctstate RELATED,ESTABLISHED
------------------------------------------------------------------------------
Learn Graph Databases - Download FREE O'Reilly Book
"Graph Databases" is the definitive new guide to graph databases and
their applications. This 200-page book is written by three acclaimed
leaders in the field. The early access version is available now.
Download your free book today! http://p.sf.net/sfu/neotech_d2d_may
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
