Jason Opperisano wrote: > On Sat, Apr 23, 2005 at 05:23:07AM -0400, Ed wrote: > >>Kashif Ali Bukhari wrote: >> >>>i want to block all inbod access to my linux box and want to allow >>>dns, http proxy,ssh,telnet,and ftp >>>how can i do this >> >>First, please see >>http://www.catb.org/~esr/faqs/smart-questions.html > > > i love that link. > Me too :) > > > and: > iptables -A INPUT -p udp --dport 53 -j ACCEPT > Ooops, shouldn't respond when really tired. =P > > multiport doesn't support ranges, mport does (and it uses a ':' not a > '-'): Again, tiredness :S (glad you caught that). >>A classic RTFM/STFW case, nonetheless... > > > yes. couldn't resist the nit-pick, though. ;-) ...and for that I am grateful. TY (really!) for the corrections. =) I shouldn't post when really tired (instead of drinking, that'll be my excuse). /me goes back to primarily lurking...