Re: iptable 1.2.11 and kernel 2.6.11-1 compatibility issue


 



iptables -A INPUT  -i lo  -m state --state NEW  -j ACCEPT
iptables -A OUTPUT  -o lo  -m state --state NEW  -j ACCEPT

If your firewall has a policy of DROP for any traffic that is not explicitly allowed, then this rule would not work for anything other than the first packet.  Try using this instead:

iptables -A INPUT  -i lo  -m state --state NEW,RELATED,ESTABLISHED  -j ACCEPT
iptables -A OUTPUT  -o lo  -m state --state NEW,RELATED,ESTABLISHED  -j ACCEPT

I'm just shooting from the hip here, but that would be my first guess.



Grant. . . .
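
The effect described in the message above, traced as an added example that is not part of the original post: a small evaluator reads the two rule sets in iptables-save style and walks a loopback TCP handshake through them. The DROP chain policies, the handshake packets and their conntrack states are constructed sample input, and the function names are hypothetical.

```python
import shlex

OPTS = {"-i": "in", "-o": "out", "--state": "states", "-j": "target"}

def parse(text):
    """Parse chain policies and -A rules from iptables-save style text."""
    policies, rules = {}, []
    for line in map(str.strip, text.splitlines()):
        if line.startswith(":"):                 # e.g. ":INPUT DROP [0:0]"
            chain, policy = line[1:].split()[:2]
            policies[chain] = policy
        elif line.startswith("-A "):
            tok = shlex.split(line)
            rule = {"chain": tok[1], "in": None, "out": None,
                    "states": None, "target": None}
            for opt, val in zip(tok[2:], tok[3:]):   # adjacent option/value pairs
                if opt in OPTS:
                    rule[OPTS[opt]] = set(val.split(",")) if opt == "--state" else val
            rules.append(rule)
    return policies, rules

def verdict(policies, rules, chain, in_if, out_if, state):
    for r in rules:
        if (r["chain"] == chain and r["in"] in (None, in_if)
                and r["out"] in (None, out_if)
                and (r["states"] is None or state in r["states"])):
            return r["target"]
    return policies[chain]                       # no rule matched: chain policy

# Constructed sample: TCP handshake over lo with each packet's conntrack state.
# Only the first packet is NEW; the reply and everything after is ESTABLISHED.
FLOW = [("SYN", "NEW"), ("SYN-ACK", "ESTABLISHED"), ("ACK", "ESTABLISHED")]

def trace(ruleset):
    policies, rules = parse(ruleset)
    seen = []
    for pkt, state in FLOW:
        # A loopback packet traverses OUTPUT (out lo) and then INPUT (in lo).
        for chain, in_if, out_if in (("OUTPUT", None, "lo"), ("INPUT", "lo", None)):
            v = verdict(policies, rules, chain, in_if, out_if, state)
            seen.append((pkt, chain, v))
            if v != "ACCEPT":
                return seen                      # flow stalls at the first drop
    return seen

HEADER = "*filter\n:INPUT DROP [0:0]\n:OUTPUT DROP [0:0]\n"   # assumed DROP policies
NEW_ONLY = HEADER + """-A INPUT -i lo -m state --state NEW -j ACCEPT
-A OUTPUT -o lo -m state --state NEW -j ACCEPT
COMMIT"""
WITH_ESTABLISHED = HEADER + """-A INPUT -i lo -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -o lo -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
COMMIT"""
```

Calling `trace(NEW_ONLY)` shows the SYN passing both chains and the SYN-ACK hitting the OUTPUT policy, while `trace(WITH_ESTABLISHED)` accepts every hop.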

