16 Jul
2011
16 Jul
'11
5:46 p.m.
Am 16.07.2011 19:41, schrieb Andrea Scarpino:
On 16 July 2011 19:32, Vic Demuzere <vic@demuzere.be> wrote:
So, you're saying that those 4 lines are easier than the 2 short ones in hosts.allow? Ah well, I'll have to learn to write iptables scripts then, I suppose. I mean its more intuitive in that way, you've more power on what is accepted and what isn't.; e.g. you can apply filters only to one interface.
Why you should write an iptables script?
BTW, sorry "-A INPUT -j REJECT" blocks everything then have to be at the last line, and not at first!
You shouldn't do it like this. Look at /etc/iptables/simple_firewall.rules for a simple and non-broken template.