droping too many ports

Gavin Hamill gdh at acentral.co.uk
Thu Sep 23 22:51:13 CEST 2004

On Thursday 23 September 2004 21:45, Askar wrote:
> hi all
> what if I do (and im doing this from last two hours ;))
> iptables -A FORWARD -p tcp --dport 31000:65500 -j DROP
> iptables -A FORWARD -p udp --dport 31000:65500 -j DROP
> yes I am Droping too many ports at once, (actually its default ACCEPT
> machine), 

I think you answered your own question - why not make the default policy DROP, 
and then just permit the services you want?


More information about the netfilter mailing list