you can skip reverse lookups by using 'ipchains -L -n' regards, stefan
From: Terence [mailto:terencel@sunway.edu.my] hi,
I have the following setup on ipchains (simplified)
step 1: Set all policies to deny ipchains -A input -i ! lo -j DENY ipchains -A output -i ! lo -j DENY
step 2: Allow whatever else. ipchains -A input ...... ACCEPT
step 3: Add the following line (to reject everything else):
ipchains -A input -j REJECT
step 4: Restore default policies
The problem is with step 3. After I run the script, I type in "ipchains -L" which takes forever to execute. The same when I try to connect to my box. Now I suspect that it might be doing reverse lookups on the dns. Am I right or is thre something wrong with my assumption of ipchains?
thanks to anyone who can help rgds
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here