[clue-talk] iptables question
Crawford Rainwater
crawford.rainwater at linux-etc.net
Mon Dec 27 08:44:47 MST 2004
Been playing around with iptables recently (and yes, it has been a
while) and noticed that there is no longer a DENY policy, just ACCEPT
and DROP. I am guessing DROP = DENY these days, but when I run nmap, I
see for various ports "open|filtered" by them vs. "closed". What am I
missing here? Yes I know
iptables -P INPUT <policy>
is the command line. ;-) Just wondering about the policy
changes/differences in particular.
Basic idea for some specifics, I am trying to lock out everything first,
then ACCEPT certain ports (22, 25 (out only), 80, 443, 993, and 995 in
this case) for a prototype server I am building. When I run nmap, I
would prefer to see only those above ports "open" with everyone else
listed as "closed", not "open|filtered" preferably.
TIA.
--- Crawford
--
The Linux ETC Company
P.M.B. 146
368 South McCaslin Boulevard
Louisville, CO 80027 USA
+1 (303) 604-2550 (voice)
+1 (866) 604-2550 (toll free within the US)
+1 (303) 664-0036 (fax)
http://www.linux-etc.com
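
An added example (not part of the original post) of the ruleset the message describes: built-in chain policies can only be ACCEPT or DROP, so getting a scanner to report "closed" instead of "filtered" or "open|filtered" takes explicit REJECT rules at the end of the chain that answer with a TCP RST or an ICMP port-unreachable. The function name `gen_input_rules`, the loopback and conntrack rules, and leaving OUTPUT at ACCEPT are assumptions of this sketch.

```shell
#!/bin/sh
# Added example: emit an iptables-restore ruleset for the INPUT chain.
# Policy stays DROP as a fail-safe; the trailing REJECT rules are what
# make unlisted ports answer (and so scan as "closed").

# gen_input_rules "22,80,443" -> ruleset on stdout; returns 1 on a bad list.
gen_input_rules() {
    ports=$1
    case $ports in
        ''|*,) echo "empty list or trailing comma" >&2; return 1 ;;
    esac
    old_ifs=$IFS; IFS=,
    for p in $ports; do
        case $p in
            # empty field, non-digit, or more than five digits
            ''|*[!0-9]*|??????*) IFS=$old_ifs; echo "bad port: $p" >&2; return 1 ;;
        esac
        if [ "$p" -lt 1 ] || [ "$p" -gt 65535 ]; then
            IFS=$old_ifs; echo "port out of range: $p" >&2; return 1
        fi
    done
    IFS=$old_ifs
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp -m multiport --dports $ports -m conntrack --ctstate NEW -j ACCEPT
-A INPUT -p tcp -j REJECT --reject-with tcp-reset
-A INPUT -p udp -j REJECT --reject-with icmp-port-unreachable
COMMIT
EOF
}

# Inbound ports from the post; 25 is outbound only, so it is not listed here.
gen_input_rules "22,80,443,993,995"
```

The output can be reviewed and then loaded with `iptables-restore`; other protocols still fall through to the DROP policy.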