USB Networking vs. iptables

Joel Newkirk freerunner at newkirk.us
Fri Sep 19 22:06:42 CEST 2008


On Fri, 19 Sep 2008 16:21:13 +0000, Christian Weßel <wesselch at gmx.net>
wrote:
> iptables -I RH-Firewall-1-INPUT -s 192.168.0.202 -j ACCEPT
> 
> That's it. Now I am able to install Debian by following wiki guide
> <http://wiki.debian.org/DebianOnFreeRunner>
> 
> Thanx a lot.
> 
> On Friday, 19.09.2008, 07:35 -0400, Joel Newkirk wrote:
>> Try "iptables -I RH-Firewall-1-INPUT -s 192.168.0.202 -j ACCEPT", or the
>> same rule inserted at the top of INPUT and FORWARD chains.


You're most welcome. The one problem with your reasoning regarding the
default policy of ACCEPT is that the last rule in the RH-Firewall-1-INPUT
chain is a 'drop all' rule... On every RedHat/Fedora/CentOS box I've ever
set up, nearly the first thing I do is delete the default firewall and
construct my own - I don't like the way they structure theirs. IMHO best
practice (and clearest logic) is to enable a DROP policy on INPUT and
FORWARD chains, and add explicit ACCEPT rules for desired traffic.

j
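
The default-deny layout recommended in the message above, written out in iptables-restore format next to the policy-ACCEPT layout it replaces, with a check that reads any iptables-save dump. This is an added example and not part of the original post. The function names are hypothetical, the loopback and established-connection rules are assumed additions, and the policy-ACCEPT dump is a constructed sample.

```shell
#!/bin/sh
# Added example, not from the original thread.
PHONE_IP="192.168.0.202"   # FreeRunner USB address quoted in the thread

# Default-deny filter table in iptables-restore format: DROP policies on
# INPUT and FORWARD, explicit ACCEPT rules for the traffic that is wanted.
emit_default_deny() {
cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -s ${PHONE_IP} -j ACCEPT
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -s ${PHONE_IP} -j ACCEPT
COMMIT
EOF
}

# Constructed sample of the layout the message describes: ACCEPT policies,
# with filtering left to a user chain whose last rule drops everything.
emit_policy_accept() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -j DROP
COMMIT
EOF
}

# Print the filter-table policy of chain $1 from an iptables-save dump on stdin.
chain_policy() {
    awk -v c=":$1" '/^\*/ { t = $1 } t == "*filter" && $1 == c { print $2 }'
}

# Succeed only if chain $1 has policy DROP in the dump on stdin.
is_default_deny() {
    [ "$(chain_policy "$1")" = "DROP" ]
}
```

On a live host, `iptables-save | chain_policy INPUT` reports the policy actually in force. With policy ACCEPT, any packet that is not caught by the user chain's final rule is accepted, which is the dependency the DROP policy removes.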





