On Monday 20 August 2007, Bertram Scharpf wrote: > on one of my machines the REJECT target doesn't behave as I > expect. It is inserted into a chain but it is not accepted > as a policy. > > myhost ~ # iptables -L > Chain INPUT (policy DROP 2 packets, 116 bytes) > pkts bytes target prot opt in out source > destination ... > 0 0 REJECT tcp -- any any anywhere > anywhere ... ... > > But: > > myhost ~ # iptables -v -t filter -P INPUT REJECT > iptables: Bad policy name > > > How comes this? I guess it is a kernel option I have to > change. But which? The REJECT target is only valid when either the tcp or udp module is loaded. Hence it cannot be used as a policy. HTH -- Ruben
