On 03/04/2006 12:34 AM, T. Horsnell wrote:
> Am I right in thinking that the stateful capabilities
> of iptables (NEW/ESTABLISHED/RELATED etc) only apply to
> tcp connections? If not, how are these states defined for
> udp?
>
> iptables doesn't complain if I add a rule containing
> '-p udp -m state --state NEW'

Conntrack states are valid for all protocols. They are different from
TCP states. The man page and tutorial describe what they mean:

http://iptables-tutorial.frozentux.net/iptables-tutorial.html#USERLANDSTATES
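
How the NEW and ESTABLISHED states in the exchange above are assigned to a connectionless protocol, as an added example that is not part of the original message and is not netfilter code: a simplified Python model that keys a flow on its address/port tuple and marks it ESTABLISHED once traffic has been seen in the reply direction. The class name, the addresses and the 30 s / 180 s timeouts are assumptions for illustration, and RELATED is not modelled.

```python
"""Simplified model of how conntrack assigns states to UDP packets."""

UNREPLIED_TIMEOUT = 30   # seconds; assumed value, tunable on real systems
REPLIED_TIMEOUT = 180    # seconds; assumed value, tunable on real systems


class UdpConntrack:
    def __init__(self):
        # key: original-direction tuple -> {"seen_reply": bool, "expires": float}
        self.flows = {}

    def classify(self, now, src, sport, dst, dport):
        """Return the state an '-m state' rule would see for this packet."""
        orig = (src, sport, dst, dport)
        reply = (dst, dport, src, sport)
        # Drop expired entries: UDP has no FIN/RST, so only a timer ends a flow.
        self.flows = {k: v for k, v in self.flows.items() if v["expires"] > now}

        if reply in self.flows:
            # Packet travels in the reply direction of a tracked flow.
            flow = self.flows[reply]
            flow["seen_reply"] = True
            flow["expires"] = now + REPLIED_TIMEOUT
            return "ESTABLISHED"
        if orig in self.flows:
            flow = self.flows[orig]
            if flow["seen_reply"]:
                flow["expires"] = now + REPLIED_TIMEOUT
                return "ESTABLISHED"
            # Still one-way traffic: every packet keeps matching NEW.
            flow["expires"] = now + UNREPLIED_TIMEOUT
            return "NEW"
        # No entry in either direction: first packet of a flow.
        self.flows[orig] = {"seen_reply": False, "expires": now + UNREPLIED_TIMEOUT}
        return "NEW"


def demo():
    """Constructed DNS-style exchange between a client and a resolver."""
    ct = UdpConntrack()
    c, s = "192.0.2.10", "198.51.100.53"
    return [
        ct.classify(0, c, 40000, s, 53),     # query
        ct.classify(1, c, 40000, s, 53),     # retransmit, no answer yet
        ct.classify(2, s, 53, c, 40000),     # answer
        ct.classify(3, c, 40000, s, 53),     # follow-up query, same ports
        ct.classify(400, s, 53, c, 40000),   # late answer after entry expired
    ]
```

The last packet in `demo()` is classified NEW because the entry has timed out, so an inbound rule that accepts only ESTABLISHED traffic would not match it.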