> Following is the policy that my firewall generation script
> gives, but my system hangs when I execute this, I am using
> ssh to execute this script. I am opening all other required
> ports. When I comment the last two lines my script works fine.
>
> ******Script*******
>
> #Set default policies to DROP
>
> $IPTABLES -F INPUT
> $IPTABLES -F OUTPUT
> $IPTABLES -F FORWARD
> $IPTABLES -P INPUT DROP
> $IPTABLES -P OUTPUT DROP
> $IPTABLES -P FORWARD DROP
>

This is OK. This will drop everything you didn't ACCEPT or REJECT or something.

> # Rejecting all Packets
>
> #$IPTABLES -A INPUT -s 0/0 -d 0/0 -p udp -j DROP
> #$IPTABLES -A INPUT -s 0/0 -d 0/0 -p tcp -j DROP

If you have this in front of the other rules, nothing will reach the other rules and you just killed (not only) your ssh connection. Not even on lo (127.0.0.1).

You already have default policy DROP: just put in the ACCEPT and other rules you need.

Rob
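
The rule-ordering problem discussed in this thread, as an added example that is not part of the original messages: a small sh/awk check that reads iptables `-A CHAIN ...` argument lines and reports rules that can never match because an earlier unconditional DROP or REJECT for the same protocol already ended traversal of that chain. The function names and the sample ACCEPT rules (interface lo, ports 22 and 53) are constructed for illustration.

```sh
#!/bin/sh
# Added example: find rules shadowed by an earlier catch-all DROP/REJECT.
# iptables evaluates a chain top to bottom and stops at the first match.

# Constructed sample: the two catch-all DROP rules from the thread placed
# ahead of hypothetical ACCEPT rules.
sample_rules() {
    cat <<'EOF'
-A INPUT -s 0/0 -d 0/0 -p udp -j DROP
-A INPUT -s 0/0 -d 0/0 -p tcp -j DROP
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp --dport 22 -j ACCEPT
-A INPUT -p udp --dport 53 -j ACCEPT
EOF
}

# Reads "-A CHAIN ..." lines on stdin, prints "LINE: RULE" for every rule
# that is fully unreachable. Rules with no -p are only reported when an
# earlier catch-all also had no -p, so partial shadowing is not flagged.
shadowed_rules() {
    awk '
    $1 == "-A" {
        chain = $2; proto = "all"; target = ""; narrow = 0
        for (i = 3; i <= NF; i++) {
            if ($i == "-p") proto = $(++i)
            else if ($i == "-j") target = $(++i)
            else if ($i == "-s" || $i == "-d") {
                a = $(++i)            # 0/0 and 0.0.0.0/0 mean any address
                if (a != "0/0" && a != "0.0.0.0/0") narrow = 1
            }
            else narrow = 1           # -i, --dport, -m ... restrict the match
        }
        if (((chain, "all") in blocked) || ((chain, proto) in blocked)) {
            print NR ": " $0          # an earlier catch-all already matched
        } else if (!narrow && (target == "DROP" || target == "REJECT")) {
            blocked[chain, proto] = NR
        }
    }'
}

sample_rules | shadowed_rules
```

Moving the two DROP lines to the end of the list (or deleting them and relying on the `-P INPUT DROP` policy) makes the check print nothing.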