Laszlo Attila Toth wrote:
Set the default policy of INPUT/FORWARD/OUTPUT chains of IPv4/IPv6 filter tables to DROP or ACCEPT in kernel configuration. It can be override by a module parameter (defaultdrop for IPv4 and defaultdropv6 for IPv6).
Whats the point of this? You can simply execute the corresponding iptables commands early during boot ... - To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
