But I don't think we can specify the time option in iptables. If any modules are there using which we can specify the time let us know. Regards, Dharmendra.T Linux Security Expert www.nsecure.net dharmu@nsecure.net On Thursday 14 November 2002 10:12, Raymond Leach wrote: > Hi > > Yes, all my chains default policies are set to DROP. > > I believe in taking the paranoid approach to security: assume everything > is bad and then only allow what you know to go where you want it to. I'm > sure you know the cliche by now :- 'where do you want to go today?' > > On Linux we know where we want to go ... > > Ray > > On Thu, 2002-11-14 at 07:08, Dharmendra.T wrote: > > What is the default polic you have set for? I guess it is by dropping all > > the packets froom the forward chain and then you are allowing > > accordingly. Regards, > > Dharmendra.T > > Linux Security Expert > > www.nsecure.net > > dharmu@nsecure.net > > > > On Wednesday 13 November 2002 20:31, Raymond Leach wrote: > > > Hi > > > > > > Is there a way to put time restrictions on rules? > > > For eaxmple, something like: > > > > > > iptables -A FORWARD -i eth0 -p tcp -sport 1024: -dport 1024: -time > > > 0700:1700 -j DROP > > > > > > It would be nice ... > > > > > > Ray --
