From: "Piszcz, Justin Michael" <justin.piszcz@xxxxxxxxxxxx> Subject: RE: ssh Date: Wed, 14 Jul 2004 11:26:10 -0400 > Should all incoming ports that relate to a service such as SSH, FTP use > -m state --state NEW? > > I have never used this with iptables; but I remember using it with > ipfilter. > > What are the security implications (if any) of not using -m state > --state NEW? iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A INPUT -p tcp --dport 22 -m state --state NEW -j ACCEPT I don't want other packets. -- Koyama Mituru netfilter@xxxxxxxxxxxxx
Attachment:
pgpHhLNB75aql.pgp
Description: PGP signature
