PHWinfo - Afficher un message

11/09/2007, 11h00

On Tue, Sep 11, 2007 at 09:11:12AM +0200, Christopher Zimmermann wrote:
> As long as I use iptables I was not able to use policies of reject. I
> even remember the target 'REJECT' being a selectable kernel option.
> Reject requires some ICMP action whereas DROP doesn't.
I can understand the reasoning.

I will have to put it down to faulty memory on my part, thought I would ask
anyway
>
> > I am just going through my firewall setup and I notice I can no longer
> > do iptables -P INPUT REJECT
>
> > when did this happen ? I could have sworn that is what I used to use as
> > a default, yes I know I can drop and add a -A -j REJECT

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFG5liokZz88chpJ2MRAgSyAKDMcW4iZHlL9Mc+AeaRju GJzZsR8ACeMVnV
5NyQ3PI/DO4MsovYzfFznhM=
=RDvu
-----END PGP SIGNATURE-----

11/09/2007, 11h00	#2
Alex Samad Messages: n/a Hébergeur:	Re: Iptables & Default policy of Reject On Tue, Sep 11, 2007 at 09:11:12AM +0200, Christopher Zimmermann wrote: > As long as I use iptables I was not able to use policies of reject. I > even remember the target 'REJECT' being a selectable kernel option. > Reject requires some ICMP action whereas DROP doesn't. I can understand the reasoning. I will have to put it down to faulty memory on my part, thought I would ask anyway > > > I am just going through my firewall setup and I notice I can no longer > > do iptables -P INPUT REJECT > > > when did this happen ? I could have sworn that is what I used to use as > > a default, yes I know I can drop and add a -A -j REJECT -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFG5liokZz88chpJ2MRAgSyAKDMcW4iZHlL9Mc+AeaRju GJzZsR8ACeMVnV 5NyQ3PI/DO4MsovYzfFznhM= =RDvu -----END PGP SIGNATURE-----