I've been reading this tutorial and one thing confuses me slightly.
Code:
# iptables -P INPUT ACCEPT
# iptables -F
The first command sets the default policy for the input ...
- 01-24-2013 #1
Absolute iptables beginners question
# iptables -P INPUT ACCEPT
# iptables -F
How does it know to ignore it? Does it leave all the default policies in place?
These are probably really dumb questions, but I'm asking them anyway.
- 01-24-2013 #2
The policy of a chain is simply what netfilter should do if a packet does not meet the rules you've specified. By setting it to accept you're saying, "allow any packets through that do not meet these rules". If you flush the rules, then this is basically the same as deleting each rule one by one until there are none left.
By setting the policy to accept and then flushing the rules, it's telling netfilter to accept everything.
- 01-24-2013 #3
To repeat and add:
The default policy is handled a bit differently than your other rules.
The basic idea is: If none of the defined rules match, do what the default policy says.
Kind of like routing. If nothing else matches, use the default gw.
The default policy is unaffected by flushes. It needs to be set explicitly.
Which leads to the common error of setting a REJECT default (as it should be on a fw), and then flush: You are locked out.
You must always face the curtain with a bow.
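The flush lockout described in the replies above, as an added example that is not part of the thread: a pre-flush check that reads `iptables -S` output and lists the chains whose policy would decide every packet once the rules are gone. The function names and the sample ruleset are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): check policies before running `iptables -F`.

# Print built-in chains whose policy is not ACCEPT.
# `iptables -S` prints one "-P <chain> <policy>" line per built-in chain.
# A flush removes the -A rules but leaves these -P lines untouched, so
# afterwards the policy is the only thing deciding each packet.
chains_blocking_after_flush() {
    awk '$1 == "-P" && $3 != "ACCEPT" { print $2 }'
}

# Print the commands, in order, that flush without cutting off a remote
# session: first set each blocking policy to ACCEPT, then flush.
# The host accepts everything until a new ruleset is loaded, so load the
# new rules and restore the restrictive policy right after.
safe_flush_plan() {
    blocked=$(chains_blocking_after_flush)
    for chain in $blocked; do
        echo "iptables -P $chain ACCEPT"
    done
    echo "iptables -F"
}

# Constructed sample in `iptables -S` format: SSH is allowed by a rule,
# everything else falls through to the DROP policy.
SAMPLE_RULES='-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT'

printf '%s\n' "$SAMPLE_RULES" | safe_flush_plan
```

On a live host the same check would be fed with `iptables -S | safe_flush_plan`, which needs root.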
- 01-24-2013 #4
- 01-24-2013 #5
- 01-24-2013 #6