[aineo]

I have an iptables question from a class at school that is driving me crazy. I am supposed to explain the entries in this iptables file. I know what they all mean, but I do not know the specifics. Here is the file:

*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
:INICMP - [0:0]
:OUTICMP - [0:0]
[0:0] -A INPUT -i lo -j ACCEPT
[0:0] -A OUTPUT -o lo -j ACCEPT
COMMIT

I understand that it is saying the INPUT, FORWARD, and OUTPUT chains are all set to drop and the loopback is set to accept, but I do not understand the significance of the numbers following each of these lines. Also, why are INICMP and OUTICMP in there? They weren't in the rules I defined. By the way, here is the ruleset that is running:

#!/bin/sh
# Remove any existing rules
iptables --flush
# Set up the default policy for each of the chains
iptables --policy INPUT DROP
iptables --policy OUTPUT DROP
iptables --policy FORWARD DROP
# Unlimited traffic on the loopback interface
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT

The man pages do not seem to give the specifics I am looking for. If someone can either explain this to me, or point me to a reference that explains it, I would be very grateful. Thanks!

[HKOldGuy]

Let me try.
INICMP means incoming ping
OUTICMP means outgoing ping
I don't know what is meant by "- [0,0]".
Assume that "- [0,0]" means DROP.
The following is my iptables commands
:
iptables -A INPUT -p icmp -j DROP
iptables -A OUTPUT -p icmp -j DROP

[aineo]

A friend of mine just found a link that explained some of this. The [0,0] is actually [packet counter:byte counter]. The reason these were 0 must have been because the rules had not been tested. The INICMP and OUTICMP would relate to pings, but I don't know how they got in there because they weren't defined in my rules. Anyway, the [0:0] was my main problem and now I know what it is. Thanks for the input HKOldGuy!

The link is case you are interested is http://www.faqs.org/docs/iptables/iptables-save.html