+- ispCP - Board - Support (http://www.isp-control.net/forum)
+-- Forum: ispCP Omega Support Area (/forum-30.html)
+--- Forum: System Setup & Installation (/forum-32.html)
+--- Thread: iptables - policy (/thread-6266.html)
iptables - policy - womd - 03-31-2009 05:20 PM
hi !
i found that on a default-install iptables-default-policy of INPUT/FORWARD/OUTPUT - chain is ACCEPT
the cains ISPCP_INPUT / ISPCP_OUTPUT have rules to accept for sevice-ports
in my understanding, INPUT / OUTPUT - CHAIN - default - policy should be DROP.
is there something wrong with my installation, or did i misunderstand something ?
RE: iptables - policy - kilburn - 03-31-2009 10:48 PM
The iptables rules in ISPCP_{INPUT,OUTPUT} chains are used only to count traffic, but do not ACCEPT or DROP/REJECT any package.
Thus, there's no firewall enabled by default, but if you want to modify the script so traffic is accepted/rejected after counting it's up to you
RE: iptables - policy - womd - 03-31-2009 11:44 PM
ok, i see. thank you