Hi!
Petr Pisar wrote:
On 2007-05-11, Gáspár Lajos <swifty@xxxxxxxxxxx> wrote:
Hi all,
I was reading the iptables manual because I needed the correct arguments
of the policy (-P) command.
Here it is:
-P, --policy chain target
    Set the policy for the chain to the given target. See the section
    TARGETS for the legal targets. Only built-in (non-user-defined)
    chains can have policies, and neither built-in nor user-defined
    chains can be policy targets.
So I checked the TARGETS.
TARGETS
    A firewall rule specifies criteria for a packet, and a target. If
    the packet does not match, the next rule in the chain is the
    examined; if it does match, then the next rule is specified by the
    value of the target, which can be the name of a user-defined chain
    or one of the special values ACCEPT, DROP, QUEUE, or RETURN.
My question is: What is the difference between the ACCEPT and the RETURN
target in policy ??? :D
I think this is a misunderstanding in the man page. If you read the TARGETS
section carefully you can see there is nothing about policy, even though the -P
paragraph refers to it.
Okay. That is right. There is nothing about policy in the TARGETS section.
But there is no "POLICYTARGETS" section! :D
My opinion is that only ACCEPT and DROP are valid policies. I don't know
where I got this idea from, but I'm pretty sure that other targets make
no sense in a policy context.
-- Petr
I agree! I was just curious. :D
Swifty