Hi all, When writing a rule, if one doesn't specify a state, state NEW is assumed, right ? If the first packet of a connection arrives, it has state NEW and subsequent packets are ESTABLISHED or RELATED. The first packet also has the --syn flag set so new packets could also be identified by --syn. If checking for state NEW, is there any reason to also check if the --syn flag is set or is it enough to just rely on state NEW ? Gr, Rob
