> Would like to get port 1194 open (UDP). > [root@here]# /sbin/iptables -L > Chain INPUT (policy ACCEPT) > target prot opt source destination > RH-Firewall-1-INPUT all -- anywhere anywhere > > Chain FORWARD (policy ACCEPT) > target prot opt source destination > RH-Firewall-1-INPUT all -- anywhere anywhere > > Chain OUTPUT (policy ACCEPT) > target prot opt source destination > > Chain RH-Firewall-1-INPUT (2 references) > target prot opt source destination > ACCEPT all -- anywhere anywhere > ACCEPT icmp -- anywhere anywhere icmp any > ACCEPT ipv6-crypt-- anywhere anywhere > ACCEPT ipv6-auth-- anywhere anywhere > ACCEPT udp -- anywhere 224.0.0.251 udp dpt:5353 > ACCEPT udp -- anywhere anywhere udp dpt:ipp > ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED > ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh > REJECT all -- anywhere anywhere reject-with icmp-host-prohibited > ACCEPT udp -- anywhere anywhere state NEW udp dpt:1194 I guess the problem is tha you ACCEPT udp/1194 after you already REJECTed. You should accept it before. REJECT, (man iptables learns), is a "terminating TARGET, ending rule transversal" *:-) -- Sandro Dentella *:-) e-mail: sandro@xxxxxxxx http://www.tksql.org TkSQL Home page - My GPL work
