On Tuesday 22 October 2002 4:42 pm, antonio wrote:

> Hi Everyone,
>
> Just a question:
> I want to set up a firewall box with iptables in which I can use nmap.
> Which ports/protocols can I set to ACCEPT and which to DROP?

Do you mean you want to run nmap on a box also running netfilter, to scan other machines?

If so, set your OUTPUT policy to ACCEPT, set your INPUT policy to DROP with a single rule:

    iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

and you'll be able to scan other machines and get the replies back, but anything new coming in to your machine will be blocked.

If I didn't understand correctly what you wanted to do please give more details.

Antony.

-- 
Which part of 'apt-get dist-upgrade' do you not understand ???
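
An added example, not part of the original message: a check that reads `iptables-save` output and confirms the filter table matches the posture described in the reply (INPUT policy DROP, OUTPUT policy ACCEPT, and the only INPUT accept being the ESTABLISHED,RELATED rule). The function names and both sample rulesets are constructed for illustration, and any other ACCEPT rule in INPUT is treated as a deviation.

```shell
#!/bin/sh
# Added example: audit iptables-save output for the posture described in the reply.
# Both samples below are constructed, not captured from a real host.

sample_good() {   # policies plus the single stateful rule
cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT
EOF
}

sample_bad() {    # same, but a later rule admits new inbound connections
cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
EOF
}

# Reads iptables-save text on stdin, prints findings, and exits 0 only if
# the filter table matches the posture exactly.
check_posture() {
  awk '
    BEGIN { bad = 0; stateful = 0 }
    /^\*/ { table = substr($0, 2) }
    table != "filter" { next }
    /^:INPUT /  { inpol = $2 }
    /^:OUTPUT / { outpol = $2 }
    /^-A INPUT / && /-j ACCEPT/ {
      # Only replies (ESTABLISHED/RELATED) may be accepted, never NEW.
      if ($0 ~ /--(ct)?state [A-Z,]+/ && $0 !~ /NEW|INVALID|UNTRACKED/) stateful = 1
      else { print "FAIL: accepts unsolicited inbound: " $0; bad = 1 }
    }
    END {
      if (inpol != "DROP")    { print "FAIL: INPUT policy is " inpol; bad = 1 }
      if (outpol != "ACCEPT") { print "FAIL: OUTPUT policy is " outpol; bad = 1 }
      if (!stateful) { print "FAIL: no ESTABLISHED,RELATED accept rule"; bad = 1 }
      if (!bad) print "OK: replies to outbound traffic pass, new inbound is dropped"
      exit bad
    }'
}
```

On a live host the same check runs as `iptables-save | check_posture` (root required to read the ruleset).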