Re: another quick question

It is strongly related to the other question, same RPC/DCOM problems.


On Mon, 20 Sep 2004 14:02:57 +0600, Askar <askarali@xxxxxxxxx> wrote:
> hi again
> My second question of the day is pls first check these few rules from
> our firewall script
> 
> iptables -A INPUT -p TCP -s 0/0 -d 0/0 --dport 135:140 -j DROP
> iptables -A INPUT -p UDP -s 0/0 -d 0/0 --dport 135:140 -j DROP
> iptables -A FORWARD -p TCP -s 0/0 -d 0/0 --dport 135:140 -j DROP
> iptables -A FORWARD -p UDP -s 0/0 -d 0/0 --dport 135:140 -j DROP
> iptables -t nat -A PREROUTING -p TCP -s 0/0 -d 0/0 --dport 135:140 -j DROP
> iptables -t nat -A PREROUTING -p UDP -s 0/0 -d 0/0 --dport 135:140 -j DROP
> 
> aren't there unnecessary repetitions? A port that is dropped in the
> FORWARD chain is again dropped in the PREROUTING chain, and also why is he (my
> predecessor) dropping such ports in the INPUT table? Isn't it unnecessary,
> coz it's a Linux box and no ports 135:140 are open on our fw machine.
> 
> Today I just deleted the PREROUTING rules and now I'm getting counts
> for packet drops on the FORWARD table.
> 
> regards
> askar
> 
> --
> (after bouncing head on desk for days trying to get mine working, I'll make
> yer life a little easier)
> 
> 



-- 
Bla bla
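
A small model of netfilter's hook order applied to the six rules quoted above, showing why the FORWARD counters only start moving once the nat PREROUTING drops are gone. It is an added example, not part of the original thread; the `Rule` class, the function names and the sample packets are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass
class Rule:
    table: str      # "nat" or "filter"
    chain: str      # PREROUTING, INPUT or FORWARD
    proto: str      # "tcp" or "udp"
    dports: range   # destination ports matched; the target is always DROP
    hits: int = 0   # packet counter, as shown by `iptables -L -v`

def ruleset(with_prerouting=True):
    """The quoted script: DROP tcp/udp dport 135:140 in each listed chain."""
    chains = [("filter", "INPUT"), ("filter", "FORWARD")]
    if with_prerouting:
        chains.append(("nat", "PREROUTING"))
    return [Rule(t, c, p, range(135, 141)) for t, c in chains for p in ("tcp", "udp")]

def traverse(rules, proto, dport, to_firewall, new_conn=True):
    """Return the chain that dropped the packet, or None if it passed."""
    # Incoming packet: PREROUTING, routing decision, then INPUT (addressed
    # to the firewall itself) or FORWARD (routed through it).
    # The nat table is consulted only for the first packet of a connection.
    path = [("nat", "PREROUTING")] if new_conn else []
    path.append(("filter", "INPUT" if to_firewall else "FORWARD"))
    for table, chain in path:
        for r in rules:
            if (r.table, r.chain, r.proto) == (table, chain, proto) and dport in r.dports:
                r.hits += 1
                return chain
    return None

def replay(rules):
    """Run constructed sample traffic and return per-chain drop counters."""
    sample = [("tcp", 135, False), ("udp", 137, False), ("tcp", 139, False),
              ("tcp", 139, True), ("tcp", 80, False)]  # (proto, dport, to_firewall)
    for pkt in sample:
        traverse(rules, *pkt)
    totals = {}
    for r in rules:
        totals[r.chain] = totals.get(r.chain, 0) + r.hits
    return totals

if __name__ == "__main__":
    print("with nat PREROUTING rules:", replay(ruleset(True)))
    print("PREROUTING rules deleted: ", replay(ruleset(False)))
```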

