[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ipchains logs and nmap audit



On Sat, 22 Jan 2000, Subba Rao wrote:

> 
> I have several ipchain rules. One of them is:
> 
> ipchains -A input -i ppp0 -p TCP --destination-port 21 -l -j DENY
> 
> Why are these ipchains not doing any logging?  I do have the -l option

from what you described it doesn't drop the packet either. look if you
didn't allow it in a previous rule.

on the whole, I recommend to set the policy to deny then open just what
you need.

http://scso.com/linux/firewall.init.html

-- 
Ira Abramov ;  whois:IA58  ;  www.scso.com ;  all around Linux enthusiast
"People get annoyed when you try to debug them."
  -- Larry Wall (Open Sources, 1999 O'Reilly and Associates)


=================================================================
To unsubscribe, send mail to linux-il-request@linux.org.il with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail linux-il-request@linux.org.il