iptables
Cere M. Davis
cere at u.washington.edu
Tue Jun 25 21:38:20 PDT 2002
OK. I figured that one out:
I need to add:
iptables -A INPUT -f -j ACCEPT
to allow all packet fragments accept the first one through since NFS
requires this. But now I'm trying to get my iptables system to work as an
NIS client and still no dice.
-Cere
>
> I'm beginning to goof around with iptables and am trying to accomplish
> something dern simple. For starters I just want to try and allow
> all traffic outbound and only inbound traffic from one host.
>
> If I say:
>
> iptables --flush
> iptables -P OUTPUT ACCEPT
> iptables -P INPUT DROP
> iptables -A INPUT --src the.host.I.want -j ACCEPT
>
> and then try running
>
> rpcinfo -p the.host.I.want
>
> I get nothing. Zilch. Nodda. I must be missing something obvious here.
> Does anybody know?
>
>
> -Cere
>
> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
> Cere Davis
> Unix Systems Administrator - CSDE
> cere at u.washington.edu ph: 206.685.5346
> https://staff.washington.edu/cere
>
> GnuPG Key http://staff.washington.edu/cere/gpgkey.txt
> Key fingerprint = B63C 2361 3B9B 8599 ECC9 D061 3E48 A832 F455 9E7FA
>
>
>
>
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cere Davis
Unix Systems Administrator - CSDE
cere at u.washington.edu ph: 206.685.5346
https://staff.washington.edu/cere
GnuPG Key http://staff.washington.edu/cere/gpgkey.txt
Key fingerprint = B63C 2361 3B9B 8599 ECC9 D061 3E48 A832 F455 9E7FA
More information about the Linux
mailing list