Iptables defaults to accept input?
Martin Pitt
martin.pitt at canonical.com
Mon Sep 20 14:53:15 UTC 2004
Hi Petri!
On 2004-09-20 16:39 +0200, Petri Pennanen wrote:
> I installed Ubuntu this Saturday. It is very nice, feels like the future
> of linux and I have been telling my friends about it.
Great to hear!
> However when I checked to see what the iptables rules are, I got a bit
> suprised. They are accepting all input and forwarding, I was expecting
> DROP. Is something wrong with my install or is there a reason for this?
Your installation is fine. The reason why we don't firewall packages
by default is that we don't need to because in the standard
installation there is nothing to connect to from the outside (yes,
Warty manages to have ZERO open ports :-) ). OTOH, if the user
manually installs e. g. sshd, he certainly wants to actually use it,
so it would be confusing if it would not work because the firewall
blocked it.
Martin
--
Martin Pitt http://www.piware.de
Ubuntu Developer http://www.ubuntulinux.org
Debian GNU/Linux Developer http://www.debian.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20040920/5231b403/attachment.sig>
More information about the ubuntu-users
mailing list