On Thursday 05 August 2004 01:04, Jacob Friis Larsen wrote: > Would this script work like this: > - Allow all outgoing. > - Allow all to port 80, 21, 22, 25, 143 Yes. Be aware that it will only affect packets coming from or going into that actual machine - it will completely forbird any 'forward' traffic to other hosts on the network going through that box. > echo 1 > /proc/sys/net/ipv4/ip_forward This line is redundant, since setting the default policy in the FORWARD table to be DROP will not permit any packets to be forwarded. If this is what you want, I'd just leave /proc/sys/net/ipv4/ip_forward set to zero :) gdh
