On Thursday 23 September 2004 21:45, Askar wrote:
> hi all
>
> what if I do (and I'm doing this from last two hours ;))
>
> iptables -A FORWARD -p tcp --dport 31000:65500 -j DROP
> iptables -A FORWARD -p udp --dport 31000:65500 -j DROP
>
> yes I am Dropping too many ports at once, (actually it's default ACCEPT
> machine),

I think you answered your own question - why not make the default policy DROP, and then just permit the services you want?

gdh
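
A default-DROP FORWARD policy of the kind suggested in the reply, as an added example that is not part of the original thread: the function emits an iptables-restore ruleset that forwards only the listed services and return traffic for them. The function name forward_ruleset and the service list (tcp/80, tcp/443, udp/53) are assumptions; the thread names no services.

```shell
#!/bin/sh
# Added example: build an iptables-restore ruleset where FORWARD defaults to
# DROP and only explicitly listed services are permitted.

# forward_ruleset PROTO/PORT ...
# Prints the ruleset on stdout; returns 1 (printing nothing) on a bad spec.
forward_ruleset() {
    rules=""
    for svc in "$@"; do
        proto=${svc%%/*}
        port=${svc#*/}
        case "$proto" in
            tcp|udp) ;;
            *) echo "bad protocol in '$svc'" >&2; return 1 ;;
        esac
        # One decimal port only: no ranges, no leading zero, at most 5 digits.
        case "$port" in
            ''|0*|*[!0-9]*|??????*) echo "bad port in '$svc'" >&2; return 1 ;;
        esac
        if [ "$port" -gt 65535 ]; then
            echo "port out of range in '$svc'" >&2; return 1
        fi
        rules="${rules}-A FORWARD -p $proto --dport $port -m conntrack --ctstate NEW -j ACCEPT
"
    done
    # Chain policies: only FORWARD is switched to DROP here.
    printf '%s\n' '*filter' ':INPUT ACCEPT [0:0]' ':FORWARD DROP [0:0]' ':OUTPUT ACCEPT [0:0]'
    # Replies to connections that were allowed out must be let back through.
    printf '%s\n' '-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    printf '%s' "$rules"
    printf '%s\n' 'COMMIT'
}

# Constructed sample service list (assumption, not from the thread).
forward_ruleset tcp/80 tcp/443 udp/53
```

Pipe the output to `iptables-restore --test` to parse it without committing; loading it for real replaces the existing filter table unless `--noflush` is given.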