On Monday 17 November 2003 4:35 pm, Chandana Bandara wrote:
Hi Mr. Antony & ALL,
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP
.........only with those policies, should it block all the incoming and outgoing traffic from the machine?????
Assuming you have flushed the rules as well, with:
iptables -F INPUT
iptables -F FORWARD
iptables -F OUTPUT
then no IP traffic will be allowed into, out of, or through, the machine.
Chandana, Antony is making a theoretical point here. Your loopback interface uses the OUTPUT chain and dropping every OUTPUT packet could cause some unexpected problems. I wouldn't recommend doing this. If you ever really wanted to block *all* traffic just unplug the network card(s). It's a lot easier and 100% secure. I hope Mr. Curleybaces reads this too or he could be in for a big surprise :-)
Jeff
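An added example, not part of the original thread: a small audit check that reads `iptables-save` text and reports which filter chains would stop loopback traffic, the side effect Jeff describes. The function names and sample rulesets are constructed for illustration, and the matcher is a simplified heuristic that only evaluates rules whose sole match is the interface.

```python
import shlex

# Constructed sample: iptables-save output after the flush + DROP policies above.
ALL_DROP = """\
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
COMMIT
"""
# Constructed sample: same policies with explicit loopback exceptions added.
LO_RULES = "-A INPUT -i lo -j ACCEPT\n-A OUTPUT -o lo -j ACCEPT\n"
DROP_WITH_LO = ALL_DROP.replace("COMMIT", LO_RULES + "COMMIT")

def parse_filter(save_text):
    """Return ({chain: policy}, {chain: [rule tokens]}) for the filter table."""
    policies, rules, in_filter = {}, {}, False
    for line in save_text.splitlines():
        line = line.strip()
        if line.startswith("*"):
            in_filter = (line == "*filter")
        elif in_filter and line.startswith(":"):
            chain, policy = line[1:].split()[:2]
            policies[chain] = policy
            rules.setdefault(chain, [])
        elif in_filter and line.startswith("-A "):
            tokens = shlex.split(line)
            rules.setdefault(tokens[1], []).append(tokens[2:])
    return policies, rules

def verdict_for_lo(chain, iface_flag, policies, rules):
    """First-match verdict for a loopback packet (heuristic: rules with
    any match other than the interface are skipped as non-matching)."""
    for tokens in rules.get(chain, []):
        opts = dict(zip(tokens[::2], tokens[1::2]))
        target = opts.pop("-j", None)
        iface = opts.pop(iface_flag, "lo")  # no interface match = any interface
        if not opts and iface == "lo" and target in ("ACCEPT", "DROP", "REJECT"):
            return target
    return policies.get(chain, "ACCEPT")  # fall through to the chain policy

def loopback_blocked(save_text):
    """List the chains (OUTPUT first, then INPUT) that stop loopback traffic."""
    policies, rules = parse_filter(save_text)
    checks = (("OUTPUT", "-o"), ("INPUT", "-i"))
    return [c for c, flag in checks
            if verdict_for_lo(c, flag, policies, rules) != "ACCEPT"]
```

On a live host the input would come from `iptables-save`; a locally generated loopback packet has to pass OUTPUT and then INPUT, so either chain appearing in the result means local services talking over 127.0.0.1 will fail.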