general policy question
patrick conlin
patrick@wechsler.com
Fri, 07 Jun 2002 10:35:25 -0400
does one generally set the -P on their mangle table chains to DROP, even if
you're not using them for anything?
usual procedure says set -P on all chains to DROP and allow what's
necessary, but if you're not using your mangle table chains for anything and
you set -P to DROP (on the iptables -t mangle PREROUTING chain, for example)
all packets get dropped.
you guessed it, I just did this and got booted from the machine. Now I have
to wait until I can go home and reboot my firewall before I can play with it
any more.
Just wondering how everyone else handles this.
-=p=-