30 Oct
2002
30 Oct
'02
23:33
On Thursday 31 October 2002 00.27, Anders Johansson wrote: <snip> Also, if I'm reading this correctly *) test "$DONE_ALL" = yes || for CHAIN in input_int input_dmz input _ext; do $LAA $IPTABLES -A $CHAIN -j LOG ${LOG}"-ACCEPT " -p udp --sp ort $j --dport 1024:65535 $IPTABLES -A $CHAIN -j "$ACCEPT" -m state --state NEW,ESTABL ISHED,RELATED -p udp --sport $j --dport 1024:65535 done ;; It looks like if you have anything unrecognized (like "domain" or "ntp") then all high udp ports will be open