13,420
edits
Changes
no edit summary
Usually when setting policy rules with iptables, a general "overall" policy is set (default policy chain). A good way to think about setting policies is to have a safety net to take some sort of action to prevent un-handled packets from passing through the firewall by mistake.After the default policy is set-up, then specific exceptions to the default policy can be added to control specific network traffic.
An example would be to set a default policy for incoming network traffic (INPUT chain) to DROP everything, and then set an exception certain exceptions (like ssh connections). Note the following table below for policy setting examples.
'''Policy Setting Examples:'''
