Differences

This shows you the differences between two versions of the page.

--- linux:firewall [2012/02/21 14:39]
greebo
+++ linux:firewall [2016/02/23 10:51]
zagi
@@ Line 209: / Line 209: @@
 #$IPTB -A INPUT -p icmp --icmp-type 0 -m hashlimit --hashlimit 10/second --hashlimit-burst 1 --hashlimit-mode srcip --hashlimit-name icmp0 -j ACCEPT
 $IPTB -A INPUT -p icmp --icmp-type 3 -m hashlimit --hashlimit 10/second --hashlimit-burst 1 --hashlimit-mode srcip --hashlimit-name icmp3 -j ACCEPT
-$IPTB -A INPUT -p icmp --icmp-type 4 -m hashlimit --hashlimit 10/second --hashlimit-burst 1 --hashlimit-mode srcip --hashlimit-name icmp4 -j ACCEPT
+#$IPTB -A INPUT -p icmp --icmp-type 4 -m hashlimit --hashlimit 10/second --hashlimit-burst 1 --hashlimit-mode srcip --hashlimit-name icmp4 -j ACCEPT
 $IPTB -A INPUT -p icmp --icmp-type 11 -m hashlimit --hashlimit 10/second --hashlimit-burst 1 --hashlimit-mode srcip --hashlimit-name icmp11 -j ACCEPT
 $IPTB -A INPUT -p icmp --icmp-type 12 -m hashlimit --hashlimit 10/second --hashlimit-burst 1 --hashlimit-mode srcip --hashlimit-name icmp12 -j ACCEPT
@@ Line 236: / Line 236: @@
 $IPTB -A FORWARD -m state --state INVALID -j DROP
 $IPTB -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
-$IPTB -A FORWARD -m state --state NEW -i ! $INTERNET -j ACCEPT
+$IPTB -A FORWARD -m state --state NEW ! -i $INTERNET -j ACCEPT
 $IPTB -A FORWARD -m pkttype --pkt-type broadcast -j DROP