On December 8, 2003 02:44 pm, Jeffrin wrote: > hello , > > iptables -P INPUT DROP > iptables -A INPUT -p tcp --sport 80 -j ACCEPT > > Iam not able to ping. why ? because ping (icmp) doesn't use port 80. because you aren't allowing RELATED,ESTABLISHED connections back in. iptables -I INPUT 1 -m state --state ESTABLISHED,RELATED -j ACCEPT (the -I --- 1 because in my opinion you should have this rule at the top.)
