Firewall and trusting state ESTABLISHED :)

Hello,

I have finished setting up a Linux-based firewall (Slackware) and I feel it is locked down well enough.

In order to allow internal clients to access external web servers I added a rule to forward port 80.

I then found that no packets would make it back in, so I added another rule allowing ext to int interface forwarding for established connections.

What I want to know is can I trust having one rule saying

iptables -A FORWARD -i external -o internal -m state --state ESTABLISHED -j ACCEPT 

or should I have many rules like

iptables -A FORWARD -i external -o internal -p tcp --sport 80 -m state --state ESTABLISHED -j ACCEPT

Seems like a dumb question -- I guess what I really should be asking is how secure is "-m state --state ESTABLISHED" ? 

-- 
Michael Gale
Network Administrator
Utilitran Corporation
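
As an added example, not from the original post or its thread: the script below builds the single-return-rule FORWARD policy the poster asks about. The interface names "external" and "internal" are the poster's; the LAN prefix 192.168.1.0/24, the allowed-service list, the logging rule and the function names are assumptions made for this example. "-m state" is kept to match the post, although current iptables prefers the equivalent "-m conntrack --ctstate". The point it illustrates is that one ESTABLISHED,RELATED rule on the return path can only ever match packets of a connection-tracking entry that was created when some outbound NEW rule accepted the first packet, so the real policy decision lives in the NEW rules, not in per-port return rules.

```shell
#!/bin/sh
# Added example (not from the original post): a stateful FORWARD chain for a
# two-interface Linux firewall. Interface names are the poster's; the LAN
# prefix and the service list are assumptions for this example.
EXT=external
INT=internal
LAN=192.168.1.0/24            # assumed internal network

# Services internal clients may open to the outside, as proto:port pairs
# (assumed list).
SERVICES="tcp:80 tcp:443 udp:53"

# Emit one NEW rule per allowed service for the inside->outside direction.
# These rules bound what the return-path rule can ever accept: a conntrack
# entry only exists once a NEW packet has been accepted here.
outbound_new_rules() {
  for svc in $SERVICES; do
    proto=${svc%%:*}
    port=${svc#*:}
    # For TCP insist on a SYN: conntrack can pick up a stream mid-way (loose
    # TCP tracking, ip_conntrack_tcp_loose / nf_conntrack_tcp_loose) and
    # still classify that first packet as NEW, so NEW alone is not "SYN".
    if [ "$proto" = tcp ]; then
      syn=" --syn"
    else
      syn=""
    fi
    echo "iptables -A FORWARD -i $INT -o $EXT -s $LAN -p $proto --dport $port$syn -m state --state NEW -j ACCEPT"
  done
}

# The complete FORWARD policy, printed as iptables commands so it can be
# reviewed before it is applied.
forward_policy() {
  echo "iptables -F FORWARD"
  echo "iptables -P FORWARD DROP"
  # Packets conntrack cannot associate with any connection (bad TCP flags,
  # out-of-window data, truncated headers) are dropped before anything else.
  echo "iptables -A FORWARD -m state --state INVALID -j DROP"
  # One return-path rule is enough: ESTABLISHED only matches packets of
  # connections that already passed the NEW rules below, and RELATED covers
  # ICMP errors (and helper-tracked data channels such as FTP) for them.
  echo "iptables -A FORWARD -i $EXT -o $INT -m state --state ESTABLISHED,RELATED -j ACCEPT"
  # The LAN side of those same connections.
  echo "iptables -A FORWARD -i $INT -o $EXT -m state --state ESTABLISHED,RELATED -j ACCEPT"
  outbound_new_rules
  # Anything that falls through is logged (rate-limited) and then hits the
  # DROP policy.
  echo "iptables -A FORWARD -m limit --limit 5/min -j LOG --log-prefix 'FORWARD drop: '"
}

# Sanity check on the generated policy: count rules that would ACCEPT a NEW
# packet arriving on the external interface. A correct policy has none, which
# is exactly why the broad ESTABLISHED,RELATED rule can be trusted.
inbound_new_accepts() {
  forward_policy | grep -c -- "-i $EXT .*--state NEW" || true
}

# Usage: ./fw.sh        -> print the policy for review
#        ./fw.sh apply  -> run it (needs root and iptables)
case "${1:-print}" in
  print) forward_policy ;;
  apply) forward_policy | sh -e ;;
esac
```

Run it without arguments and read the output before using "apply". Splitting the return rule into one "--sport 80" rule per service, as in the second form the poster shows, does not narrow what gets in: a reply can only match ESTABLISHED if the conntrack entry for that exact address/port tuple already exists, and that entry was created by a packet some NEW rule accepted, so the source port is already fixed by the entry. What does matter is keeping NEW (with --syn for TCP) off the external interface entirely, dropping INVALID early, and adding RELATED so ICMP errors and helper-tracked data connections for your own sessions are not silently lost.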
