Simon Huggins <[EMAIL PROTECTED]> writes:
[snip]
> > That's why my script, previously plugged, proceeds to REJECT, with
> > TCP-RST, ident requests separately, further down. The above does not
> > DROP identd, unless you're sending me invalid packets, of course.
>
> Indeed it does. Perhaps you should include a date in that file with
> revisions, since I downloaded a version on 12th June 2001 (date of the
> original post) which didn't contain the lines for ident.
>
> (In case people have forgotten we are talking about:
> http://spodzone.org.uk/packages/secure/iptables.sh)
It's continually evolving, although slowing down now. Last updated:
| -rw-r--r-- 1 1799 Sep 11 11:25 iptables.sh
too, to include limits on logging and an example of DNAT ;8)
~Tim
--
Not every discomfort should |[EMAIL PROTECTED]
be criminalised. (Bill Unruh) |http://spodzone.org.uk/
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
