On Thu, 2003-11-27 at 11:14, Juan Hernandez wrote: > Another question... > > On Thu, 2003-11-27 at 12:04, Ralf Spenneberg wrote: > > Am Don, 2003-11-27 um 16.41 schrieb Juan Hernandez: > > > > > 1) This rule tells netfilter to drop any packet forwarding I guess > > > iptables -P FORWARD DROP > > This is a default rule. All packets not accepted or dropped by other > > rules will be dropped by this one. > > If this drops everything else, how come there's access to the webserver > in that same machine?? It's not that I dont want it, its just that im > curious on what does this rule drops exactly cause I can still access my > webserver > When you say same machine to do mean the same box as the firewall? The rules you have are for forwarding packets to other machines. To filter traffic going to the firewall box you need to have rules on your INPUT chain. Jeff