[prev in list] [next in list] [prev in thread] [next in thread] 

List:       netfilter-devel
Subject:    [PATCH] (documentation) iptables -F
From:       bert hubert <ahu () ds9a ! nl>
Date:       2001-08-31 21:55:48
[Download RAW message or body]

The behaviour of 'iptables -F', without a chain, was undocumented. As I've
been locked out of my networks a few times already because I forgot that -F
does not change your policy to ACCEPT, I thought it wise to add a warning
about running iptables -F when having DROP policies.

1 line:
Bring -F manpage in line with reality, add warning about policy retention

Regards,

bert hubert 

diff -B -u -b -r1.22 iptables.8
--- userspace/iptables.8        19 Aug 2001 10:26:37 -0000	1.22
+++ userspace/iptables.8        31 Aug 2001 21:47:49 -0000
@@ -147,7 +147,10 @@
 .TP
 .B "-F, --flush"
 Flush the selected chain.  This is equivalent to deleting all the
-rules one by one.
+rules one by one. When no chain is specified, flushes all chains in the  
+selected table. WARNING: retains your policy, which may be
+.IR DROP 
+!
 .TP
 .B "-Z, --zero"
 Zero the packet and byte counters in all chains.  It is legal to  

[prev in list] [next in list] [prev in thread] [next in thread]