Hello :)

> iptables -A FORWARD -m state --state NEW,INVALID -j REJECT

You must specify the protocol on this rule:

iptables -A FORWARD -p icmp -m state --state NEW,INVALID -j REJECT

You have to understand tables with independent rules.

Brazil rules: carnaval 2003 :)

--
surf3r
-o)
/\\
_\_V
--
--------

On Fri, 2003-02-28 at 07:37, netfilter@tommi.org wrote:
> Hello
>
> I'm wondering if state doesn't apply to ICMP packets.
>
> iptables -A FORWARD -p icmp -m state -d 1.2.3.4 --state NEW -j ACCEPT
> iptables -A FORWARD -m state --state NEW,INVALID -j REJECT
>
> If I ping 1.2.3.4 the echo-reply is blocked from 1.2.3.4. Is this normal? I
> thought that the echo-reply should be marked RELATED and therefore not
> blocked?
>
> ====
> Tomas Edwardsson
> HP Technical Support \ HP Certified System Administrator
> Red Hat Technical Support \ Red Hat Certified Engineer.
> Opin Kerfi
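
An added example, not part of the thread and not netfilter code: a simplified model of how connection tracking classifies an ICMP echo exchange and where each packet lands in the two FORWARD rules from the question. The reply to a tracked echo-request is classified ESTABLISHED rather than RELATED. The DROP chain policy, the 10.0.0.5 source, the ICMP id and the extra ESTABLISHED,RELATED rule are assumptions.

```python
# Simplified model (not netfilter code) of conntrack states for ICMP echo and
# first-match evaluation of a FORWARD chain.
PAGE_RULES = [  # the two rules from the question
    {"proto": "icmp", "dst": "1.2.3.4", "states": {"NEW"}, "target": "ACCEPT"},
    {"states": {"NEW", "INVALID"}, "target": "REJECT"},
]
# Assumption: a rule accepting tracked traffic, placed ahead of the page's rules.
FIXED_RULES = [{"states": {"ESTABLISHED", "RELATED"}, "target": "ACCEPT"}] + PAGE_RULES

# Constructed sample: one ping through the firewall (source and id are made up).
PING = [
    {"proto": "icmp", "type": "echo-request", "src": "10.0.0.5", "dst": "1.2.3.4", "id": 77},
    {"proto": "icmp", "type": "echo-reply", "src": "1.2.3.4", "dst": "10.0.0.5", "id": 77},
]

def classify(conns, pkt):
    """Conntrack state of pkt; conns maps (src, dst, id) -> reply seen."""
    orig = (pkt["src"], pkt["dst"], pkt["id"])
    reply = (pkt["dst"], pkt["src"], pkt["id"])
    if pkt["type"] == "echo-request":
        return "ESTABLISHED" if conns.get(orig) else "NEW"
    if pkt["type"] == "echo-reply" and reply in conns:
        conns[reply] = True          # answer to a tracked request
        return "ESTABLISHED"
    return "INVALID"                 # e.g. a reply nobody asked for

def verdict(rules, pkt, state, policy):
    """First matching rule wins; otherwise the chain policy applies."""
    for rule in rules:
        if rule.get("proto", pkt["proto"]) != pkt["proto"]:
            continue
        if rule.get("dst", pkt["dst"]) != pkt["dst"]:
            continue
        if state in rule["states"]:
            return rule["target"]
    return policy

def forward(rules, packets, policy="DROP"):  # DROP policy is an assumption
    conns, results = {}, []
    for pkt in packets:
        state = classify(conns, pkt)
        action = verdict(rules, pkt, state, policy)
        if action == "ACCEPT" and state == "NEW":
            conns[(pkt["src"], pkt["dst"], pkt["id"])] = False  # entry confirmed
        results.append((pkt["type"], state, action))
    return results

if __name__ == "__main__":
    for name, rules in (("page rules", PAGE_RULES), ("with ESTABLISHED,RELATED", FIXED_RULES)):
        print(name, forward(rules, PING))
```

In this model the echo-reply matches neither of the two original rules, so its fate is decided by the chain policy; an unsolicited echo-reply is INVALID and is still rejected once the ESTABLISHED,RELATED rule is in place.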