Recently I created what I think are some pretty decent ICMP rules to allow me to trace and ping outside of my network but not allow the same kind of activities in...I think I did a pretty good job after reading the tutorial You guys be the judge and let me know if there was better way for this to be done. iptables -A INPUT -p ICMP -i eth0 -m state --state NEW -j DROP iptables -A INPUT -p ICMP -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A OUTPUT -p ICMP -o eth0 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT ===== "No touchy NO TOUCHY! Emperor Kuzko -=Emperor's New Groove=-" __________________________________________________ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com
