$IPTABLES -A INPUT -i $INTERFACE -p ALL -m state --state ESTABLISHED,RELATED -j ACCEPT #Note - this appears to generate an error # iptables: No chain/target/match by that name # but would that affect OUTPUT ??? $IPTABLES -A INPUT -i $INTERFACE -p ALL -j RETURN
$IPTABLES -A OUTPUT -o $INTERFACE -p ALL -j ACCEPT
Remove the -p ALL from your established related line. dont put one it ...covers all.
Done. But I still get the error.
I've read that loading in the appropriate module will solve this, but unfortunately my hosting company has built their own monolithic kernels which don't support loadable modules.
Is there any way around this?
makes perfect sense.
in answer to the question you commented in there, YES it will ..your policy on input is DROP -- thus you are getting out, but nothing is getting BACK to you.
Kev.
