> Now I can get it to work only by commenting out the last line (iptables > -A INPUT -j DROP). But that defies the purpose of a firewall, doesn't > it? > What the heck happened last afternoon?? > Logging helps... prior to the drop, do a log iptables -A INPUT -j LOG --log-prefix "FW: " iptables -A FORWARD -j LOG --log-prefix "FW: " iptables -A OUTPUT -j LOG --log-prefix "FW: " Then tail the log file and see what is hitting the drop rule. From there, poke any additional holes necessary. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
