

Reply 1

You wrote: "The difference between drop and reject is that reject tells everyone: "I'm not talking to you", while drop does not reply at all, pretending to not exist."

I'll look into learning nftables. Would you mind if I were to reach out to you with questions if and when they come across? I've been in and out of the Linux world for some time; I plan on changing that. Thank you for having taken the time to reply to my question.

I'm able to ping my loopback interface and have access to the internet.

1 - Added a rule to the INPUT chain to ACCEPT all loopback traffic
2 - Added a rule to the OUTPUT chain to ACCEPT all loopback traffic
3 - Changed the INPUT, OUTPUT and FORWARD chains to DROP all traffic
4 - Added a rule to the INPUT chain to ACCEPT all ESTABLISHED and RELATED traffic
5 - Added a rule to the OUTPUT chain to ACCEPT all NEW, ESTABLISHED and RELATED traffic
6 - Added a rule to drop all else incoming INPUT chain traffic

Rules on test workstation I entered and tested.

Have I locked down my test workstation properly? Am I missing any other rule? The test workstation only needs to be able to ping its loopback interface and access the internet and not anything else.

Any and all help is very much appreciated.

Based on my online findings I've come up with the rules below, can anyone help confirm if I'm on the right track.

Hello All, I'm new to Linux, CentOS. At this time I'm working on getting familiar with iptables.
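
One way to check a rule set like the one listed in this thread, as an added example that is not part of the original posts: the script audits an `iptables-save` style dump of the filter table for the properties the six rules are meant to give. The function names `sample_ruleset` and `audit_ruleset` are hypothetical, the dump is constructed, and it assumes the rules were written with `-m state`.

```shell
#!/bin/sh
# Constructed sample: roughly what `iptables-save -t filter` prints once the
# six rules from the post are loaded (packet/byte counters zeroed).
sample_ruleset() {
cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -j DROP
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
COMMIT
EOF
}

# audit_ruleset (hypothetical helper): reads a filter-table dump on stdin,
# prints PASS/FAIL per check, exits with the number of failed checks.
audit_ruleset() {
  awk '
    function check(ok, msg) {
      printf "%s %s\n", (ok ? "PASS" : "FAIL"), msg
      if (!ok) fails++
    }
    /^:(INPUT|FORWARD|OUTPUT) /       { policy[substr($1, 2)] = $2 }
    /^-A INPUT .*-i lo .*-j ACCEPT/   { lo_in = 1 }
    /^-A OUTPUT .*-o lo .*-j ACCEPT/  { lo_out = 1 }
    /^-A INPUT / && /ESTABLISHED/ && /-j ACCEPT/ && !/NEW/ { est_in = 1 }
    /^-A OUTPUT / && /NEW/ && /-j ACCEPT/                  { new_out = 1 }
    # An unconditional ACCEPT, or an ACCEPT of NEW connections, on INPUT opens the host.
    /^-A INPUT -j ACCEPT$/ || (/^-A INPUT / && /NEW/ && /-j ACCEPT/) { open_in = 1 }
    END {
      check(policy["INPUT"] == "DROP",   "INPUT policy is DROP")
      check(policy["FORWARD"] == "DROP", "FORWARD policy is DROP")
      check(policy["OUTPUT"] == "DROP",  "OUTPUT policy is DROP")
      check(lo_in,    "loopback accepted on INPUT")
      check(lo_out,   "loopback accepted on OUTPUT")
      check(est_in,   "INPUT accepts only ESTABLISHED,RELATED replies")
      check(new_out,  "OUTPUT accepts NEW connections")
      check(!open_in, "no INPUT rule accepts NEW or unconditional traffic")
      exit fails + 0
    }'
}

sample_ruleset | audit_ruleset
```

On a live host the same function can be fed with `iptables-save -t filter | audit_ruleset`, run as root.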
