> I would instead recommend > iptables -P INPUT DROP > > and then only add rules for the things you really do want to come in to the > firewall (established & related is probably a good start). Well of course, i wrote that, keeping in mind that he could have other rules like: -s 0/0 -j ACCEPT > "Allow what you know you want, and drop everything else" is a good policy. Is the best in most cases. > Antony. Maciej
