[Shorewall-newbies] First line "ACCEPT from anywhere to anywhere"
teastep at shorewall.net
Mon Jan 19 07:39:12 PST 2004
On Sunday 18 January 2004 10:11 pm, Greg Bell wrote:
> Hi Newbie-question-answerers,
> I followed the 2-interface quickstart (I have a linux box with two NICs,
> one's connected to a DSL modem, the other to my home network).
> After shorewall does its thing, I did a iptables -L and noticed the first
> line of the INPUT policy is an ACCEPT from anywhere to anywhere:
> Chain INPUT (policy DROP)
> target prot opt source destination
> ACCEPT all -- anywhere anywhere
> DROP !icmp -- anywhere anywhere state INVALID
> ppp0_in all -- anywhere anywhere
> eth1_in all -- anywhere anywhere
> common all -- anywhere anywhere
> LOG all -- anywhere anywhere LOG level info
> prefix `Shorewall:INPUT:REJECT:'
> reject all -- anywhere anywhere
Now type "shorewall show INPUT" to see what the chain really looks like.
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep at shorewall.net
More information about the Shorewall-newbies