[Dshield] IPTables filter chains help - Just noticed that perhaps I'm not logging port 135

Jeff jeff at tcnet.org
Thu Aug 14 19:54:42 GMT 2003


On Thu, 14 Aug 2003, Jeff Godin wrote:

>
[snip]
> One logic is to set ACCEPT rules for that which you want to accept, REJECT
> (with proper ICMP error or RST) that which you don't want to accept, and

The preceding paragraph should have been edited to read:
``One logic (general concept, not covering ALL details) is to do groups of
rules of the following categories:''

>
> 1. ACCEPT that which you wish to accept
> 2. DROP broadcast/multicast traffic you wish not to accept and not log
> 3. DROP/REJECT(with proper ICMP error or RST) unicast traffic you wish not
> to accept and not log
> 4. LOG and DROP ALL other broadcast/multicast traffic
> 5. LOG and DROP/REJECT(with proper ICMP error or RST) ALL other unicast
> traffic

Sorry for the confusion,

-jeff

-- 
Jeff Godin
Network Specialist
Traverse Area District Library / Traverse Community Network
jeff at tcnet.org
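
The five rule groups from the message, laid out in order as an iptables-restore ruleset (an added example, not part of the original post). The accepted port (tcp/22), the silenced ports (udp/137-138, udp/5353, tcp/113), the default policies, the log prefixes and the helper function names are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: prints an iptables-restore ruleset in the five groups above.
# Ports, policies and log prefixes are constructed assumptions.
build_rules() {
cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# 1. ACCEPT that which you wish to accept
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
# 2. DROP broadcast/multicast noise without logging
-A INPUT -p udp --dport 137:138 -m pkttype --pkt-type broadcast -j DROP
-A INPUT -p udp --dport 5353 -m pkttype --pkt-type multicast -j DROP
# 3. REJECT unwanted unicast without logging (ident probes here)
-A INPUT -p tcp --dport 113 -j REJECT --reject-with tcp-reset
# 4. LOG and DROP all other broadcast/multicast
-A INPUT -m pkttype --pkt-type broadcast -j LOG --log-prefix "IN-BCAST: "
-A INPUT -m pkttype --pkt-type broadcast -j DROP
-A INPUT -m pkttype --pkt-type multicast -j LOG --log-prefix "IN-MCAST: "
-A INPUT -m pkttype --pkt-type multicast -j DROP
# 5. LOG and REJECT all other unicast (tcp/135 is not silenced, so it is logged)
-A INPUT -j LOG --log-prefix "IN-UCAST: "
-A INPUT -p tcp -j REJECT --reject-with tcp-reset
-A INPUT -p udp -j REJECT --reject-with icmp-port-unreachable
-A INPUT -j DROP
COMMIT
EOF
}

# Line number of the first rule containing the given fixed string.
rule_pos() { build_rules | grep -n -F -e "$1" | head -n 1 | cut -d: -f1; }

# LOG does not stop traversal and the first terminating match wins, so the
# silent rules (groups 2 and 3) must sit above the LOG rules (groups 4 and 5).
check_order() {
    [ "$(rule_pos '--dport 137:138')" -lt "$(rule_pos 'IN-BCAST')" ] &&
    [ "$(rule_pos '--dport 113')" -lt "$(rule_pos 'IN-UCAST')" ]
}

check_order && build_rules
```

Piping the output through `iptables-restore --test` parses the ruleset without committing it.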



