Hello. The below is my firewall script. I'm not 100% certain but I think it basically means * let anything out, * let anything from myself go to myself, * let anything in which corresponds to a pre-existing connection, * respond to a few ICMP, * drop everything else.

Quote:

#!/bin/sh iptables -P INPUT DROP iptables -P FORWARD DROP iptables --flush iptables --delete-chain iptables -P FORWARD DROP iptables -P INPUT DROP iptables -A INPUT -i lo --source 127.0.0.1 --destination 127.0.0.1 -j ACCEPT iptables -A INPUT -m state --state "ESTABLISHED,RELATED" -j ACCEPT iptables -A INPUT -p icmp --icmp-type destination-unreachable -j ACCEPT iptables -A INPUT -p icmp --icmp-type time-exceeded -j ACCEPT iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT iptables -A INPUT -p icmp --icmp-type echo-reply -j ACCEPT iptables -A INPUT -j DROP iptables-save | tee /etc/sysconfig/iptables

This works fine for the most part since I'm not running a server. The interesting bit is when I try to use p2p. I have Apollon with the Ares, OpenFT, Gnutella, and FastTrack plug-ins. Ares and Gnutella NEVER connect, but I can use FastTrack and OpenFT fine. I can't download from people behind firewalls, presumably because after sending a "push", my machine will refuse the reflected connection (it would be nice to accept push responses on a specific port but that's another problem). Why don't Ares and Gnutella connect? I'd also like to find out if my firewall actually works and if it's sensible. My IP for the next hour or so will be 84.9.255.72 so if anyone cares to scan me, I'd love to hear the results. I don't really know how.

This sounds more like a Linux iptables administration question than a networking and multiplayer question. Thus, I'll move this into Everything Unix.