On 2003.01.24 05:48 Roland Kuhn wrote: > Hi! > > (your linewrap did make reading this a bit of a challenge ;-) ) Sorry about that, should have taken it into account > > iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT > > This single line magically allows mostly all applications to access > the internet > from the firewall while shutting out all connection attempts from the > outside. > ESTABLISHED matches all packets directly belonging to an established > connection > while RELATED takes care of e.g. ICMP error messages (like destination > > unreachable et al). > Thanks! That fixed it. -Rindolf - : send the line "unsubscribe linux-net" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
