[prev in list] [next in list] [prev in thread] [next in thread] 

List:       webmin-l
Subject:    Re: [webmin-l] Default firewall (IPTABLES) set-up for hosting
From:       Andrey Repin <anrdaemon () yandex ! ru>
Date:       2018-06-29 8:59:01
Message-ID: 1904735058.20180629115901 () yandex ! ru
[Download RAW message or body]

Greetings, Joaquim Homrighausen!

> Not sure if I've asked this before (I just looked through my messages on
> the list going back to 2006), but is there a reason why the FORWARD chain is set to "ALLOW/ACCEPT"?

Why not?

> I'm pretty sure that 99.9% of "hosting providers" are would not want to
> allow IPTABLES forwarding.

iptables does not forward anything, it only filter and modify packets.

> I realize more than this is required, but still ...

Without setting the kernel to forward packets, this is irrelevant.

> I always find myself setting the default action to "DROP" for this chain in Webmin.

So do i, but this is irrelevant in most cases.


-- 
With best regards,
Andrey Repin
Friday, June 29, 2018 11:56:26

Sorry for my terrible english...


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
-
Forwarded by the Webmin mailing list at webadmin-list@lists.sourceforge.net
To remove yourself from this list, go to
http://lists.sourceforge.net/lists/listinfo/webadmin-list
[prev in list] [next in list] [prev in thread] [next in thread]