[lug] Restoring my iptables

Jed S. Baer blug at jbaer.cotse.net
Thu May 13 16:43:03 MDT 2021


On Wed, 12 May 2021 20:57:12 -0600
Bear Giles wrote:

> The weird combination of flags *might* be due to a malicious kernel mode a
> number of years ago. One of the conditionals was FLAG1 & FLAG2 instead of
> FLAG1 && FLAG2. That would be a compiler error message that you can't use
> a number (FLAG1 & FLAG2) as a boolean value but C doesn't care.

I don't think it's a similar situation. My knowledge of IP networking
doesn't extend to the level beyond knowing that ACK is acknowledge, and
maybe a couple other of those terms, more as definitions.

That saved ruleset I found has to be over 10 years old, and I found another
even older one, generated by RedHat, which I guess goes back to when I was
briefly running Fedora, and that was way long ago, but it does illustrate some
ACCEPT rules for udp and icmp stuff. And that's a hint as to why my DROP
rule is only for tcp.

I'm on Ubuntu 20.04 - the last release before it moved to nft. I'm probably
better off trying a firewall management tool that (I hope) provides sane
defaults for a typical desktop. I know there's an ipt -> nft migration
script too.

-- 
All operating systems suck, but Linux just sucks less
 - Linus Torvalds

