Mailinglist Archive: opensuse-security (499 mails)

< Previous Next >
RE: [suse-security] Ipchains Issue
  • From: Peer Stefan <stefan.peer@xxxxxxxx>
  • Date: Fri, 7 Jun 2002 12:38:26 +0200
  • Message-id: <3559BA35534FD511A1200002557C39B019D348@xxxxxxxxxxxxxxxxxxxxx>
you can skip reverse lookups by using 'ipchains -L -n'

regards,
stefan

> From: Terence [mailto:terencel@xxxxxxxxxxxxx]
> hi,
>
> I have the following setup on ipchains (simplified)
>
> step 1: Set all policies to deny
> ipchains -A input -i ! lo -j DENY
> ipchains -A output -i ! lo -j DENY
>
> step 2: Allow whatever else.
> ipchains -A input ...... ACCEPT
>
> step 3: Add the following line (to reject everything else):
>
> ipchains -A input -j REJECT
>
> step 4: Restore default policies
>
> The problem is with step 3. After I run the script, I type in
> "ipchains -L"
> which takes forever to execute. The same when I try to
> connect to my box.
> Now I suspect that it might be doing reverse lookups on the
> dns. Am I right
> or is thre something wrong with my assumption of ipchains?
>
> thanks to anyone who can help
> rgds
>
>
> --
> To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
> For additional commands, e-mail: suse-security-help@xxxxxxxx
> Security-related bug reports go to security@xxxxxxx, not here
>

< Previous Next >