[CentOS] Help with iptables rule for blocking UDP port 53
Robert Spangler
mlists at zoominternet.net
Tue Jul 15 20:46:56 UTC 2008
On Tuesday 15 July 2008 14:43, nate wrote:
> Try to insert the rule (-I) instead of append (-A). I recall encountering
> weirdness between using the two different methods for adding a rule.
> I don't know why, but it seems to make a difference in some cases.
> The man page doesn't make it clear to me what the difference is and why
> it (might) cause a change of behavior.
(-A) Appends the new rule at the end of the chain.
(-I) will insert it at the beginning when no line number is given.

See man iptables for this information:

-A, --append chain rule-specification
    Append one or more rules to the end of the selected chain.
    When the source and/or destination names resolve to more than one
    address, a rule will be added for each possible address combination.

-I, --insert chain [rulenum] rule-specification
    Insert one or more rules in the selected chain as the given rule
    number. So, if the rule number is 1, the rule or rules are inserted
    at the head of the chain. This is also the default if no rule number
    is specified.

--
Regards
Robert
Smile... it increases your face value!
Linux User #296285
http://counter.li.org
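
The append/insert distinction matters because iptables walks a chain from the top and stops at the first rule with a terminating target such as ACCEPT or DROP. The following is an added example, not part of the original message: a small Python model of that first-match behaviour, showing a UDP port 53 DROP rule that is shadowed when appended after a broader ACCEPT and effective when inserted at the head. The Rule and Chain classes and the sample ruleset are constructed for illustration and cover only protocol and destination-port matches.

```python
# Added example: models first-match evaluation in a single chain.
# Rule/Chain and the ruleset in build() are constructed, not real iptables state.
from dataclasses import dataclass
from typing import Optional

@dataclass
class Rule:
    target: str                   # terminating target: "ACCEPT" or "DROP"
    proto: Optional[str] = None   # None matches any protocol
    dport: Optional[int] = None   # None matches any destination port

    def matches(self, proto, dport):
        return self.proto in (None, proto) and self.dport in (None, dport)

class Chain:
    def __init__(self, policy="ACCEPT"):
        self.policy, self.rules = policy, []

    def append(self, rule):              # models -A: always the end of the chain
        self.rules.append(rule)

    def insert(self, rule, rulenum=1):   # models -I: 1-based, head by default
        if not 1 <= rulenum <= len(self.rules) + 1:
            raise ValueError("rule number out of range")
        self.rules.insert(rulenum - 1, rule)

    def verdict(self, proto, dport):
        """Return (target, rule number); rule number 0 means the chain policy."""
        for num, rule in enumerate(self.rules, start=1):
            if rule.matches(proto, dport):
                return rule.target, num
        return self.policy, 0

    def shadowed(self):
        """Numbers of rules fully covered by an earlier rule, so never reached."""
        return [i + 1 for i, r in enumerate(self.rules)
                if any(e.proto in (None, r.proto) and e.dport in (None, r.dport)
                       for e in self.rules[:i])]

def build(method):
    """Existing ruleset plus a UDP/53 block added with "A" (append) or "I" (insert)."""
    chain = Chain(policy="DROP")
    chain.append(Rule("ACCEPT", proto="tcp", dport=22))
    chain.append(Rule("ACCEPT", proto="udp"))   # broad accept already in place
    block = Rule("DROP", proto="udp", dport=53)
    if method == "A":
        chain.append(block)
    else:
        chain.insert(block)
    return chain
```

On a live system, `iptables -L INPUT -n --line-numbers` shows the same ordering, which makes it easy to see whether a newly added rule sits above or below an existing match.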