2009/6/24 Jorge Bastos <mysql.jorge@xxxxxxxxxx>:
>> You are always advised to make the default rule (i.e. policy) drop with
>> any firewall then only explicitly allow traffic you wish to allow:
>>
>> (I am assuming here you want to allow connections *to* port 22 on the
>> external network from your internal network, for my example the
>> internal network has an ip address of 192.168.0.0/24)
>> iptables -t filter -F FORWARD # Clear out what exists already
>> iptables -t filter -P FORWARD -j drop # Set default to drop
>> iptables -t filter -A FORWARD -s 192.168.0.0/24 -d ! 192.168.0.0/24 -p
>> tcp --dport 22 -j ACCEPT
>
>
> cisne:/etc/rc.d# iptables -t filter -P FORWARD -j DROP
> iptables v1.4.4: -P requires a chain and a policy
> Try `iptables -h' or 'iptables --help' for more information.

So did you try iptables -h for more information as it suggests?
This simple typo is easy to resolve by reading the top few lines of
the help message. :-)

/Oskar
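
The default-drop FORWARD setup discussed in this thread, written out as an added example (not code from either poster). It uses the positional `-P FORWARD DROP` form and adds a conntrack rule for reply packets, which is an assumption beyond what the thread shows; `IPT` and `forward_ssh_only` are hypothetical names.

```shell
#!/bin/sh
# Added example, not from the thread. IPT and forward_ssh_only are
# hypothetical names. By default the commands are only printed; run with
# IPT=iptables as root to apply them.
IPT="${IPT:-echo iptables}"

forward_ssh_only() {
    lan="$1"    # internal network in CIDR form, e.g. 192.168.0.0/24

    # Coarse sanity check: the value ends up on a root command line.
    case "$lan" in
        *[!0-9./]*|*/*/*|/*|*/|'')
            echo "bad network: $lan" >&2; return 1 ;;
        *.*.*.*/*) ;;
        *)  echo "bad network: $lan" >&2; return 1 ;;
    esac

    # -P takes the chain and the policy as plain arguments: no -j, and the
    # policy name is upper case. Set it before flushing so the chain is
    # never left empty with an ACCEPT policy.
    $IPT -t filter -P FORWARD DROP || return 1
    $IPT -t filter -F FORWARD || return 1

    # Assumption beyond the thread: with a DROP policy the replies from the
    # SSH servers also cross FORWARD, so established flows must be allowed.
    $IPT -t filter -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED \
        -j ACCEPT || return 1

    # New SSH connections from the internal network to any outside address.
    # Current iptables wants "!" placed before the option it negates.
    $IPT -t filter -A FORWARD -s "$lan" ! -d "$lan" -p tcp --dport 22 \
        -j ACCEPT || return 1
}

forward_ssh_only "${1:-192.168.0.0/24}"
```

Review the printed commands first, then apply them with `IPT=iptables` as root.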