Hi chris, the default policy is to accept any outgoing traffic. however, ping and telnet work fine before I add one of these rules. ++ Stéphane -----Message d'origine----- De : Chris Brenton [mailto:cbrenton@xxxxxxxxxxxxxxxx] Envoyé : jeudi 5 janvier 2006 18:04 À : DELORT Stephane Cc : netfilter@xxxxxxxxxxxxxxxxxxx Objet : Re: state ESTABLISHED,RELATED ignored within a bridge On Thu, 2006-01-05 at 17:02 +0100, DELORT Stephane wrote: > > when I use a rule : > $IPTABLES -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT > $IPTABLES -A INPUT -j DROP > > The server cannot ping or telnet any other host ! This only lets replies back through. You need a rule that permits the initial session establishment as well. (ICMP type 8 and TCP/23). HTH, Chris
