<quote who="[EMAIL PROTECTED]"> > Voytek wrote: >><quote who="[EMAIL PROTECTED]">
>>-A input -s 220.240.54.97 -d 0/0 53 -p tcp -y -j ACCEPT >> > My experience with ipchains is ancient, I use iptables for years now so > I can't verify what I'm saying but: > > -A input -s 220.240.54.97 -d 203.42.34.54 53 -p tcp -y -j ACCEPT OK, thanks, done, and, still transfers OK > Should probably do the trick. If you leave it "-d 0/0" then I think you > allow > your secondary to access ANY host on your internal network which doesn't > sound like a Good Thing(tm) to me. OK, thanks > BTW - what kernel are you using? Why don't you move to iptables? Linux 2.4.20-28.7 #1 Thu Dec 18 11:31:59 EST 2003 i686 unknown # service iptables ipchains and iptables can not be used together. [WARNING] there are several good reasons why I'm not moving to iptables; the 1st one is, I don't know how.... I guess, the default install used ipchains ? or, maybe I ticked a rwong choice ? what are advantges of moving ? basically, this is web/mail/sql host, with just these services allowed -- Voytek -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
