On Sat, 13 Sep 2003, Luis legar Garcia wrote:

> Dear Faheem,
>
> As long as I understand the rule:
>
> iptables -A RH-Lokkit-0-50-INPUT -p tcp -m tcp --syn -j REJECT
>
> it will reject ALL except INVALID, even 'Established' and 'Related' connections,
> which you should always allow.
> To avoid this I'd put just before it something like
>
> iptables -A RH-Lokkit-0-50-INPUT -p tcp -m state --state RELATED,ESTABLISHED -j ACCEPT
>
> and maybe the same rule but for UDP packets.
> bye,
> legar, from Argentina

What kinds of problems could I expect to see if these 'Established' and
'Related' connections are not allowed? I have been using the rules I
posted for some days now, and have seen no problems yet.

Faheem.
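
An added example, not part of the original thread: a small Python model of how the two rules quoted above match TCP packets, using iptables' documented definition of `--syn` (equivalent to `--tcp-flags SYN,RST,ACK,FIN SYN`). The sample packets and their conntrack states are constructed, and what happens to an unmatched packet depends on the rest of the chain, which this message does not show.

```python
from dataclasses import dataclass

SYN, ACK, FIN, RST = "SYN", "ACK", "FIN", "RST"

@dataclass(frozen=True)
class Packet:
    desc: str
    flags: frozenset   # TCP flags set on the packet
    ctstate: str       # conntrack state, assigned by hand for this sample

def syn_match(pkt):
    """-m tcp --syn: SYN set, with RST, ACK and FIN all clear."""
    return pkt.flags & {SYN, RST, ACK, FIN} == {SYN}

def state_match(*states):
    """-m state --state <states>: match on the conntrack state."""
    return lambda pkt: pkt.ctstate in states

# The two rules from the thread, as (match, target) pairs.
REJECT_SYN = (syn_match, "REJECT")
ACCEPT_KNOWN = (state_match("RELATED", "ESTABLISHED"), "ACCEPT")

def evaluate(chain, pkt):
    """First matching rule wins; NO MATCH means later rules or policy decide."""
    for match, target in chain:
        if match(pkt):
            return target
    return "NO MATCH"

# Constructed inbound packets as seen on the INPUT side of a host.
SAMPLE = [
    Packet("inbound connection attempt", frozenset({SYN}), "NEW"),
    Packet("SYN/ACK reply to our outbound SYN", frozenset({SYN, ACK}), "ESTABLISHED"),
    Packet("data segment on open connection", frozenset({ACK}), "ESTABLISHED"),
    Packet("peer closing connection", frozenset({FIN, ACK}), "ESTABLISHED"),
]

def run(chain):
    return {p.desc: evaluate(chain, p) for p in SAMPLE}

if __name__ == "__main__":
    chains = (("--syn REJECT only", [REJECT_SYN]),
              ("state ACCEPT, then --syn REJECT", [ACCEPT_KNOWN, REJECT_SYN]))
    for name, chain in chains:
        print(name)
        for desc, verdict in run(chain).items():
            print(f"  {desc:36} {verdict}")
```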