"What port should I block for icmp protocol?"

Errrr??... you're blocking them already??? Or did you mean, which icmp should you ACCEPT?

-------------------------
$IPTABLES -P INPUT DROP
$IPTABLES -P OUTPUT DROP
$IPTABLES -P FORWARD DROP
-------------------------

BTW, why are you allowing UDP 22,23,80??? It's not used for ssh, telnet and http and whatever 24 is.. (can't be bothered). he he ;P

Thanks,
____________________________________________
George Vieira
Systems Manager
georgev@xxxxxxxxxxxxxxxxxxxxxx

Citadel Computer Systems Pty Ltd
http://www.citadelcomputer.com.au

-----Original Message-----
From: Sundaram Ramasamy [mailto:sun@xxxxxxxxxxxx]
Sent: Friday, June 06, 2003 5:33 AM
To: netfilter@xxxxxxxxxxxxxxxxxxx
Subject: Redhat Linux 8.0 IPtables help

Hi,

I have a Linux machine with a single network interface. I want to block all the tcp, udp and icmp ports other than 22,23,24 and 80.

Can you verify the following script?

IPTABLES=/sbin/iptables
$IPTABLES -P INPUT DROP
$IPTABLES -P OUTPUT DROP
$IPTABLES -P FORWARD DROP
$IPTABLES -A INPUT -p tcp -m multiport --destination-port 22,23,24,80 -j ACCEPT
$IPTABLES -A INPUT -p udp -m multiport --destination-port 22,23,24,80 -j ACCEPT

What port should I block for icmp protocol?

-SR
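
The two points raised in the reply (ICMP is already dropped by the DROP policies and is matched by type rather than port; the listed services are TCP only), worked into a ruleset as an added example that is not part of the original thread. Assumptions: the loopback and state-match rules, the choice of echo-request as the only accepted ICMP type, and the helper names emit_rules, count_accepts and APPLY are all constructed here.

```shell
#!/bin/sh
# Added example (not from the thread): default-deny ruleset for a
# single-interface host offering TCP 22, 23, 24 and 80.
IPTABLES=${IPTABLES:-/sbin/iptables}

# Print one iptables command per line so the ruleset can be reviewed first.
emit_rules() {
    # Assumption: start from empty chains.
    echo "$IPTABLES -F"
    # Default-deny, as in the posted script. With these policies every ICMP
    # packet is already dropped; the open question is what to ACCEPT.
    for chain in INPUT OUTPUT FORWARD; do
        echo "$IPTABLES -P $chain DROP"
    done
    # Assumption: local processes may talk over loopback.
    echo "$IPTABLES -A INPUT -i lo -j ACCEPT"
    echo "$IPTABLES -A OUTPUT -o lo -j ACCEPT"
    # With OUTPUT policy DROP and no OUTPUT rule, the host's own replies
    # never leave. Allow traffic belonging to accepted connections; ICMP
    # errors about those connections arrive as RELATED.
    echo "$IPTABLES -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
    echo "$IPTABLES -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
    # ssh, telnet and http run over TCP, so no UDP rule is emitted.
    echo "$IPTABLES -A INPUT -p tcp -m multiport --destination-port 22,23,24,80 -m state --state NEW -j ACCEPT"
    # ICMP has types, not ports. Assumption: only ping is wanted.
    echo "$IPTABLES -A INPUT -p icmp --icmp-type echo-request -j ACCEPT"
}

# Number of INPUT rules that explicitly accept the given protocol.
count_accepts() {
    emit_rules | grep -c -- "-A INPUT -p $1 .*-j ACCEPT" || true
}

# Dry run by default; APPLY=1 (as root) executes the commands.
if [ "${APPLY:-0}" = 1 ]; then
    emit_rules | sh -e
else
    emit_rules
fi
```
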