From: Spyros T. <st...@ya...> - 2013-01-30 11:30:54
|
>> Spyros, >> I've not dealt with IPCop rules much (so far, just using the vanilla >> config), but normally, firewall rules are of the form: >> Accept (some traffic) >> Accept (some more traffic) >> .... >> Deny (everything else) >> >> They are effectively processed top-down, so if the traffic doesn't > match any >> of the accept rules, then it gets caught by the deny at the end. > > > > Hi Bruce, > > So, from what you describe, I should state the "allow" rules FIRST, > then the "DENY" ones ? > > I cannot get my head round it since ipcop v2.0.x allows all outgoing > by default. > > I'll play with it though; > > Thank you kindly, > > Spyros Hello again people, Thank you all for your replies. It seems I had to add the DENY rules in the end. If the DENY rules are at the end of the list, everything works as expected. Thank you all. Bruce thank you very much for your intuitive reply. So, to recap, for IpCop v2.0.x : 1. ALLOW rules first 2. DENY rules at the end of the list. Ta, s. ---- "I merely function as a channel that filters music through the chaos of noise" - Vangelis |