Hi, i have a question concerning the tables where are maintained the informations about the connections state. I configured my firewall script with the following lines, to permit the SSH traffic originated from the protected zone to go to Internet. iptables -A TCP_IN -i $INTERFACE -p tcp --sport 22 -m state --state ESTABLISHED -J ACCEPT iptables -A TCP_OUT -o $INTERFACE -p tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT The custom chain TCP_IN is listed in the default INPUT chain. The custom chain TCP_OUT is listed in the dafault OUTPUT chain. The dafault policy for the INPUT and OUTPUT chains, as you can imagine, is to DROP. My question is: How many state tables are used? one table for each main chain? One for INPUT and one for OUTPUT? I'm a bit confused..... :) Thanks Lorenzo
