Thank you... Juan On Thu, 2003-11-27 at 13:49, Ralf Spenneberg wrote: > Am Don, 2003-11-27 um 17.14 schrieb Juan Hernandez: > > Another question... > > > > On Thu, 2003-11-27 at 12:04, Ralf Spenneberg wrote: > > > Am Don, 2003-11-27 um 16.41 schrieb Juan Hernandez: > > > > > > > 1) This rule tells netfilter to drop any packet forwarding I guess > > > > iptables -P FORWARD DROP > > > This is a default rule. All packets not accepted or dropped by other > > > rules will be dropped by this one. > > > > If this drops everything else, how come there's access to the webserver > > in that same machine?? It's not that I dont want it, its just that im > > curious on what does this rule drops exactly cause I can still access my > > webserver > Because the FORWARD chain only covers packets to be forwarded to other > machines. Packets destined to the local machine are filtered in the > INPUT chain. Do a > iptables -P INPUT DROP > and you webserver should stop responding (if there are no other INPUT > rules). > > Cheers, > > Ralf
