On Fri, May 23, 2008 at 11:30 AM, shimi <[EMAIL PROTECTED]> wrote:
>
> Is the nmap traffic coming from either one of these interfaces? Because if
> so, these rules allow them to pass, regardless of any other rules you have
> (as you don't have any REJECT before these rules, nor is your chain policy
> set to drop packets by default...)
>
> -- Shimi
>
Replying to myself;

Actually, the default policy doesn't matter much here; it's just that every time I see a machine that's supposed to be firewalling traffic with a default policy of 'ACCEPT'... :)

The first comment is still valid.

-- Shimi