On Mon, Apr 18, 2005 at 07:37:22AM +0200, Brent Clark wrote:
I was wondering, if was adviseable to set the default policy for tables nat and mangle to DROP.
no. *all* packets traverse the filter chains--do your filtering there.
Just to better understand, don't all packets also pass the mangle table and only the first packet of a connection the nat table?
Thanks for your enlightenment...
sjm
