On Mon, 2002-12-02 at 16:48, jdow wrote:
> I have some details and quibbles, Dax.
>
> First there is no iptables DENY rule. This is now "DROP". From the
> netfilter web site: "The DENY target is now DROP, finally." This
> rule simply drops the packet on the floor and does nothing at all
> with it.

Urggh...you are absolutely right, substitute DROP in place of all occurrences of DENY in my email. That's what I get for typing from memory without consulting the docs. I meant to use DROP.

My intent was to show 'default DROP done right with stateful rules'.

Dax Kelson
Guru Labs

--
Psyche-list mailing list
Psyche-list@redhat.com
https://listman.redhat.com/mailman/listinfo/psyche-list