[CentOS] iptables

6 Nov 2013


      I ran:
iptables -L
and see this:
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere            state
RELATED,ESTABLISHED
ACCEPT     icmp --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere
REJECT     all  --  anywhere             anywhere            reject-with
icmp-host-prohibited
Does the
REJECT all
over-ride the
ACCEPT all
Would "DROP all" be better so people banging on the ports don't see a reply?
I ran the gui tool to open ssh and it is in between ACCEPT all and REJECT
all.  Why does it work if there is a REJECT all after it?
Thanks,
-wes

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

[CentOS] iptables