[Gllug] ipchains/smtp acceptance from Demon

[tet at accucard.com]

>Accept -p icmp. There's no reason in the world to block any of icmp, you
>just end up breaking things.

Debatable. Blocking ICMP redirects that originate from outside your
network is probably a valid thing to do. Blocking ping or traceroute,
on the other hand, only serves to remove useful network troubleshooting
tools. Not that I've been battling against a BNOFH who blocks ICMP
everywhere over the past few weeks or anything...

Tet

-- 
Gllug mailing list  -  Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug