Search in google, and feel lucky http://www.linklogger.com/TCP1025.htm On Mon, 20 Sep 2004 13:44:18 +0600, Askar <askarali@xxxxxxxxx> wrote: > hi all > > Im taking care of a fw machine that is configured by my predecsssor, > firewall being configure by default policies to ACCEPT for all chain > (coz he thinks its difficult of an ISP to run firewall as default set > to DROP) > however for the time being this is not my concern but here are few > lines from script that confusing for me > > iptables -A INPUT -p TCP -s 0/0 -d 0/0 --dport 1025 -j DROP > iptables -A FORWARD -p TCP -s 0/0 -d 0/0 --dport 1025 -j DROP > iptables -A OUTPUT -p TCP -s 0/0 -d 0/0 --dport 1025 -j DROP > > when I do "tail -f /var/log/messages", I found lot of below messages > > Sep 20 12:26:35 guru named[12308]: client xxx.xx.xxx.xx#1025: error > sending response: host unreachable > Sep 20 12:26:37 guru named[12308]: client xxx.xx.xxx.xxx#1025: error > sending response: host unreachable > Sep 20 12:26:37 guru named[12308]: client xxx.xx.xxx.xx#1025: error > sending response: host unreachable > Sep 20 12:26:37 guru named[12308]: client xxx.xx.xxx.xx#1025: error > sending response: host unreachable > Sep 20 12:26:38 guru named[12308]: client xxx.xx.xxx.xx#1025: error > sending response: host unreachable > Sep 20 12:26:39 guru named[12308]: client xxx.xx.xxx.xxx#1025: error > sending response: host unreachable > > what mean by all this, can someone care to explain/clear things to me? :) > may I remove the above iptables rules? > > regards > Askar > -- > (after bouncing head on desk for days trying to get mine working, I'll make > yer life a little easier) > > -- Mohamed Eldesoky www.eldesoky.net RHCE
