On 2003.01.24 05:48 Roland Kuhn wrote:
> (your linewrap did make reading this a bit of a challenge ;-) )
Sorry about that, should have taken it into account
> iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
> This single line magically allows mostly all applications to access
> the internet
> from the firewall while shutting out all connection attempts from the
> ESTABLISHED matches all packets directly belonging to an established
> while RELATED takes care of e.g. ICMP error messages (like destination
> unreachable et al).
Thanks! That fixed it.
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to firstname.lastname@example.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
This archive was generated by hypermail 2b29 : Fri Jan 31 2003 - 22:00:01 EST