Iptables defaults to accept input?

Martin Pitt martin.pitt at canonical.com
Mon Sep 20 14:53:15 UTC 2004


Hi Petri!

On 2004-09-20 16:39 +0200, Petri Pennanen wrote:
> I installed Ubuntu this Saturday. It is very nice, feels like the future
> of linux and I have been telling my friends about it.

Great to hear!

> However when I checked to see what the iptables rules are, I got a bit
> suprised. They are accepting all input and forwarding, I was expecting
> DROP. Is something wrong with my install or is there a reason for this?

Your installation is fine. The reason why we don't firewall packages
by default is that we don't need to because in the standard
installation there is nothing to connect to from the outside (yes,
Warty manages to have ZERO open ports :-) ). OTOH, if the user
manually installs e. g. sshd, he certainly wants to actually use it,
so it would be confusing if it would not work because the firewall
blocked it.

Martin

-- 
Martin Pitt                       http://www.piware.de
Ubuntu Developer            http://www.ubuntulinux.org
Debian GNU/Linux Developer       http://www.debian.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20040920/5231b403/attachment.pgp>


More information about the ubuntu-users mailing list