On Thu, February 9, 2006 14:17, Mark-Walter@xxxxxxxxxxx wrote:
> Hi,
>
> I have this in my firewall rule script and I'm unsure about DROP:
>
> #
> # allowed chain
> #
>
> $IPTABLES -A allowed -p TCP --syn -j ACCEPT
> $IPTABLES -A allowed -p TCP -m state --state ESTABLISHED,RELATED -j ACCEPT
> $IPTABLES -A allowed -p TCP -j DROP
>
> The first should allow TCP connections with syn,rst,ack and it should
> accept them.
>
> The second one describes already established connections with ACCEPT.
>
> But what happens in the third rule?
>
> Does it mean iptables DROPs every TCP connection in the case syn,rst,ack is
> not set and the connection is not established or related?

Yes.

> Does iptables store all connections with connection tracking to know
> which connection is established/related? (2nd rule)

Yes. See: /proc/net/ip_conntrack

> Sorry for these questions, but I think it's a fast answer for you.

I think this is a good read:
http://iptables-tutorial.frozentux.net/iptables-tutorial.html

Gr,
Rob
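The three rules above are easiest to understand by walking packets through them in order. The following is an added example, not code from the thread: a small Python model of the "allowed" chain with a toy connection tracker standing in for the kernel's conntrack table (exposed as /proc/net/ip_conntrack on 2006-era kernels; on current kernels it is /proc/net/nf_conntrack or `conntrack -L`). Two facts the model encodes: `-p tcp --syn` matches only packets with SYN set and ACK and RST cleared (newer iptables also requires FIN clear), so a SYN/ACK is not "--syn"; and `-m state --state ESTABLISHED` needs a tracked entry with traffic in both directions, where the first reply packet already counts as ESTABLISHED. Everything that is neither a bare SYN nor part of a tracked connection, such as the ACK and FIN probes of a port scan or a stray mid-stream segment after the conntrack table was flushed, reaches rule 3 and is dropped; without rule 3 those packets would fall through to whatever policy the calling chain has. Hosts, ports and the packet sequence are constructed for the demonstration, and both directions of the handshake are pushed through the same chain purely to show the state transitions, which is not how the original script is wired.

```python
"""Model of the three-rule 'allowed' chain from the mail, with a minimal
connection tracker. Added example, not code from the original thread.
Hosts, ports and the packet sequence are constructed for illustration."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset  # e.g. frozenset({"SYN"})


def matches_syn(pkt):
    """iptables -p tcp --syn: SYN set, ACK and RST cleared (newer versions also require FIN clear)."""
    return "SYN" in pkt.flags and not (pkt.flags & {"ACK", "RST", "FIN"})


class Conntrack:
    """Toy stand-in for the kernel conntrack table, keyed on the 4-tuple in either direction."""

    def __init__(self):
        self._table = {}  # key -> {"orig": (src, sport), "seen_reply": bool}

    @staticmethod
    def _key(pkt):
        return frozenset({(pkt.src, pkt.sport), (pkt.dst, pkt.dport)})

    def state(self, pkt):
        """State as -m state reports it: NEW when there is no entry, or for an
        original-direction packet before any reply; ESTABLISHED once traffic has
        flowed both ways (the first reply packet itself counts as ESTABLISHED)."""
        entry = self._table.get(self._key(pkt))
        if entry is None:
            return "NEW"
        is_reply = (pkt.src, pkt.sport) != entry["orig"]
        return "ESTABLISHED" if (is_reply or entry["seen_reply"]) else "NEW"

    def confirm(self, pkt):
        """Called only for ACCEPTed packets: the kernel discards the tentative entry of a dropped one."""
        entry = self._table.setdefault(self._key(pkt), {"orig": (pkt.src, pkt.sport), "seen_reply": False})
        if (pkt.src, pkt.sport) != entry["orig"]:
            entry["seen_reply"] = True


def allowed_chain(pkt, ct):
    """Walk the chain top to bottom and return (rule_number, conntrack_state, verdict)."""
    state = ct.state(pkt)
    if matches_syn(pkt):                          # rule 1: -p TCP --syn -j ACCEPT
        rule, verdict = 1, "ACCEPT"
    elif state in ("ESTABLISHED", "RELATED"):     # rule 2: -m state --state ESTABLISHED,RELATED -j ACCEPT
        rule, verdict = 2, "ACCEPT"
    else:                                         # rule 3: -p TCP -j DROP (stray ACKs, ACK/FIN scans, untracked segments)
        rule, verdict = 3, "DROP"
    if verdict == "ACCEPT":
        ct.confirm(pkt)
    return rule, state, verdict


# Constructed endpoints (RFC 5737 documentation ranges), not real hosts.
CLIENT = ("192.0.2.10", 40000)
SERVER = ("192.0.2.1", 22)
SCANNER = ("198.51.100.7", 55555)


def run_scenario():
    """Push a constructed packet sequence through the chain; return [(label, state, rule, verdict), ...]."""
    ct = Conntrack()
    sequence = [
        ("handshake SYN",       CLIENT,  SERVER, {"SYN"}),
        ("handshake SYN/ACK",   SERVER,  CLIENT, {"SYN", "ACK"}),
        ("handshake ACK",       CLIENT,  SERVER, {"ACK"}),
        ("data ACK/PSH",        CLIENT,  SERVER, {"ACK", "PSH"}),
        ("ACK scan, no state",  SCANNER, SERVER, {"ACK"}),
        ("FIN scan, no state",  SCANNER, SERVER, {"FIN"}),
        ("unsolicited SYN/ACK", SCANNER, SERVER, {"SYN", "ACK"}),
    ]
    trace = []
    for label, (src, sport), (dst, dport), fl in sequence:
        rule, state, verdict = allowed_chain(Packet(src, sport, dst, dport, frozenset(fl)), ct)
        trace.append((label, state, rule, verdict))
    return trace


if __name__ == "__main__":
    for label, state, rule, verdict in run_scenario():
        print(f"{label:22s} state={state:11s} rule={rule} -> {verdict}")
```

The trace shows the handshake SYN accepted by rule 1, every later segment of that connection accepted by rule 2, and the three untracked probes from the scanner dropped by rule 3. Note that rule 1 accepts any bare SYN without consulting conntrack, so it is the rule that opens the door; rule 3 only closes it for TCP packets that claim to belong to a connection the firewall never saw.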