Re: what should I use for "unassigned" ports?

2010/1/6 Anthony Ewell <amewell@xxxxxxxxxxx>:
> Hi All,
>
>
> Having taken a more recent look at "/etc/services", I
> am finding zillions of service ports above 1024.
>
> With that in mind, is there a better starting port
> for my "unassigned" ports?

If you are purely trying to block traffic which is to services not
running then you could just change the default policies to drop and
then only explicitly allow what you want which is a lot safer.

If you need this for logging then place a log rule as the last rule in
the table.


-- 
Richard Horton
Users are like a virus: Each causing a thousand tiny crises until the
host finally dies.
http://www.solstans.co.uk - Solstans Japanese Bobtails and Norwegian Forest Cats
http://www.pbase.com/arimus - My online photogallery
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
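
The approach suggested in the reply above (default DROP policies, explicit allows, a LOG rule as the last rule), as an added example that is not part of the original message. The function name `gen_ruleset`, the ports 22 and 443, the log prefix, the rate limit, and leaving OUTPUT at ACCEPT are all assumptions made for illustration.

```shell
#!/bin/sh
# Added example: emit an iptables-restore ruleset that drops by default.
# Ports, log prefix and rate limit below are assumptions, not from the thread.

# gen_ruleset PORT... : print a filter table allowing only the given TCP ports.
gen_ruleset() {
    # Validate every port before emitting anything, so a typo never
    # produces a half-written ruleset.
    for port in "$@"; do
        case "$port" in
            ''|0*|*[!0-9]*|??????*) echo "invalid port: $port" >&2; return 1 ;;
        esac
        if [ "$port" -gt 65535 ]; then
            echo "port out of range: $port" >&2; return 1
        fi
    done

    echo '*filter'
    # Default policies: inbound and forwarded traffic not matched below is
    # dropped. OUTPUT stays ACCEPT here (assumption; tighten if needed).
    echo ':INPUT DROP [0:0]'
    echo ':FORWARD DROP [0:0]'
    echo ':OUTPUT ACCEPT [0:0]'
    # Loopback, and replies to connections this host opened.
    echo '-A INPUT -i lo -j ACCEPT'
    echo '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    # Explicit allow list: one rule per service that is actually running.
    for port in "$@"; do
        echo "-A INPUT -p tcp --dport $port -m conntrack --ctstate NEW -j ACCEPT"
    done
    # Last rule: log whatever is about to hit the DROP policy, rate limited
    # so a port scan cannot flood the kernel log.
    echo '-A INPUT -m limit --limit 5/min -j LOG --log-prefix "INPUT-DROP: "'
    echo 'COMMIT'
}

# Print the ruleset for SSH and HTTPS. Review it, then load it as root with:
#   sh ruleset.sh | iptables-restore
gen_ruleset 22 443
```

With this layout there is no need to pick a starting port for "unassigned" ranges: every port without an explicit ACCEPT rule reaches the LOG rule and then the DROP policy.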
