Re: Is this firewall good enough?

--- Rob Sterenborg <rob@xxxxxxxxxxxxxxx> wrote:
> > 7.  /sbin/iptables -A INPUT -p tcp --dport 53 --syn -j ACCEPT #DNS
> 
> DNS uses udp for normal lookups. Only in special
> cases is tcp used.
> 
I noted --syn can only be used with protocol tcp. How
do I write a similar rule to accept connections to udp
port 53?

> You could check for tcp_flags. Certain combinations
> can be logged and/or
> dropped.
> Packets with state INVALID could normally be safely
> dropped.
> 
I don't see a good explanation of tcp-flags either in
the iptables man pages or the Packet Filtering HOWTO. What
are the meanings of SYN, ACK, FIN, RST, URG, PSH? What
combinations can be logged/dropped?

Appreciate your comment on this issue.

Sagara
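The rules the thread is asking for (udp port 53, INVALID state, and the tcp-flags combinations that never occur in a legitimate connection), as an added example that is not part of either poster's message. It assumes iptables at /sbin/iptables, that an ESTABLISHED,RELATED accept rule already sits above these, and that the INPUT chain ends in a DROP policy; emit_rules only prints the commands, apply_rules runs them.

```shell
#!/bin/sh
# Added example, not from the list post. Prints (or applies) rules that
# answer the udp/53 and tcp-flags questions raised in the thread.
IPT="${IPT:-/sbin/iptables}"   # assumed path to the iptables binary

emit_rules() {
    # 1. Packets the connection tracker cannot classify (replies with no
    #    matching flow, bad sequence numbers, malformed headers).
    echo "$IPT -A INPUT -m state --state INVALID -j DROP"

    # 2. Flag combinations no legitimate TCP conversation produces.
    #    Syntax: --tcp-flags <mask> <set> examines the flags in <mask> and
    #    matches when exactly those in <set> are on. ALL = SYN,ACK,FIN,RST,URG,PSH.
    #    ALL NONE      no flags set at all
    #    ALL ALL       every flag set
    #    SYN,FIN       open and close in the same segment
    #    SYN,RST       open and abort in the same segment
    #    FIN without ACK, URG without ACK, PSH without ACK
    for combo in "ALL NONE" "ALL ALL" "SYN,FIN SYN,FIN" "SYN,RST SYN,RST" \
                 "FIN,ACK FIN" "ACK,URG URG" "ACK,PSH PSH"; do
        set -- $combo
        echo "$IPT -A INPUT -p tcp --tcp-flags $1 $2 -j LOG --log-prefix \"BAD-FLAGS: \""
        echo "$IPT -A INPUT -p tcp --tcp-flags $1 $2 -j DROP"
    done

    # 3. DNS. Normal lookups are udp; --syn exists only for tcp, so the udp
    #    rule just matches the port and lets state NEW pick the first packet.
    echo "$IPT -A INPUT -p udp --dport 53 -m state --state NEW -j ACCEPT"
    #    tcp/53 is still needed for zone transfers and oversized answers.
    echo "$IPT -A INPUT -p tcp --dport 53 --syn -m state --state NEW -j ACCEPT"
}

# Run each emitted command, stopping at the first failure.
apply_rules() {
    emit_rules | sh -e
}

# Flag meanings asked about in the thread:
#   SYN open a connection        ACK acknowledge data received
#   FIN finished sending data    RST abort or refuse a connection
#   PSH hand data to the application now   URG urgent pointer is valid
case "${1:-show}" in
    apply) apply_rules ;;
    *)     emit_rules ;;
esac
```

Run with `apply` as root to install the rules; without it the script only lists them so the order can be checked first.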
