[KLUG Members] ACCEPT all -- anywhere anywhere, eh?
Adam Tauno Williams
members@kalamazoolinux.org
Thu, 9 Jan 2003 15:20:47 -0500
Is the redhat firewall config tool goobered?
Chain INPUT (policy ACCEPT)
target prot opt source destination
RH-Lokkit-0-50-INPUT all -- anywhere anywhere
...
Chain RH-Lokkit-0-50-INPUT (1 references)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:http
flags:SYN,RST,ACK/SYN
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
flags:SYN,RST,ACK/SYN
ACCEPT all -- anywhere anywhere
ACCEPT udp -- k2.iserv.net anywhere udp spt:domain
ACCEPT udp -- everest.iserv.net anywhere udp spt:domain
REJECT tcp -- anywhere anywhere tcp
flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere udp reject-with
icmp-port-unreachable
Doesn't the "ACCEPT all -- anywhere anywhere" negate all the rules below it?