On Tuesday 28 July 2009 08:19:19 Billy Crook wrote:
[snip lots of good advice]
> And here's my config, which is longer than I'd like, but as short as
> it can be and still do the job. You might change :FORWARD ACCEPT to
> :FORWARD REJECT if you don't ever plan to act as a router.

1. Allow me to introduce my friend, the multiport match, which will
   indeed shorten your rules and still do the job. :)
2. REJECT is not a valid policy, see DROP.
--
Offlist mail to this address is discarded unless
"/dev/rob0" or "not-spam" is in Subject: header
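The two points in the reply above, as an added example that is not code from the thread: a Python helper that folds adjacent single-port rules of an iptables-save style ruleset into multiport rules and flags a REJECT chain policy. The sample ruleset is constructed, `tidy` is a hypothetical name, and only adjacent rules are merged so rule order is preserved.

```python
import re

# Constructed sample in iptables-save format (not the config from the thread).
SAMPLE = """\
*filter
:INPUT DROP [0:0]
:FORWARD REJECT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -p udp -m udp --dport 53 -j ACCEPT
COMMIT
"""

MAX_PORTS = 15  # the multiport match takes at most 15 ports per rule
RULE = re.compile(r"^(-A \S+ .*?-p (tcp|udp)) -m \2 --dport (\d+) (-j \S+)$")
POLICY = re.compile(r"^:(\S+) REJECT\b")

def tidy(ruleset):
    """Return (rewritten lines, warnings) for an iptables-save style ruleset."""
    out, warnings, run_key, ports = [], [], None, []

    def flush():
        # Emit the pending run of same-prefix, same-target rules.
        for i in range(0, len(ports), MAX_PORTS):
            chunk = ports[i:i + MAX_PORTS]
            proto = run_key[0].rsplit(" ", 1)[1]
            match = (f"-m multiport --dports {','.join(chunk)}" if len(chunk) > 1
                     else f"-m {proto} --dport {chunk[0]}")
            out.append(f"{run_key[0]} {match} {run_key[1]}")
        ports.clear()

    for line in ruleset.splitlines():
        m = RULE.match(line)
        key = (m.group(1), m.group(4)) if m else None
        if key != run_key:          # run ends when prefix or target changes
            flush()
            run_key = key
        if m:
            ports.append(m.group(3))
            continue
        p = POLICY.match(line)
        if p:                       # REJECT is a target, not a chain policy
            warnings.append(f"{p.group(1)}: REJECT is not a valid policy, use DROP")
            line = line.replace(" REJECT", " DROP", 1)
        out.append(line)
    flush()
    return out, warnings
```
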