[PLUG] iptables redux
Wil Cooley
wcooley at nakedape.cc
Tue Aug 17 16:01:02 UTC 2004
On Tue, 2004-08-17 at 15:10 -0700, Rich Shepard wrote:
> On Tue, 17 Aug 2004, Roderick A. Anderson wrote:
>
> > Do deny/drop/reject rules come before or after the accept rules.
>
> Rod,
>
> My understanding -- and the way I'm set up here -- is that deny is the
> default and is listed first. Then I accept me as a legitimate ssh user:
No, the default policy might be listed first, but the default policy is
what happens *last*, if no other rules apply. I generally don't use the
default policy, because it give me the opportunity to log.
Wil
--
Wil Cooley wcooley at nakedape.cc
Naked Ape Consulting http://nakedape.cc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://lists.pdxlinux.org/pipermail/plug/attachments/20040817/46d1b6cd/attachment.asc>
More information about the PLUG
mailing list