DROP
Jason Opperisano
opie at 817west.com
Mon Apr 18 15:35:42 CEST 2005
On Mon, Apr 18, 2005 at 07:37:22AM +0200, Brent Clark wrote:
> Hi all
>
> I was wondering, if was adviseable to set the default policy for tables
> nat and mangle to DROP.
no. *all* packets traverse the filter chains--do your filtering
there.
this question seems to come up every so often, and the idea is
absolutely indefensible, IMHO.
-j
--
"Tom Tucker: And now time for the Ollie weather report.
Ollie: It's gonna rain.
Tom Tucker: Thanks Ollie."
--Family Guy
More information about the netfilter
mailing list