precedence and redundancy questions re ACCEPT vs NEW

Greetings:

If my firewall receives a packet from 1.2.3.4, which rule
accepts it?

-A INPUT -s 1.2.3.4                       -j ACCEPT
-A INPUT -s 1.2.3.4 -m state --state NEW  -j ACCEPT
-A INPUT -s 1.2.3.4 -p TCP   --syn        -j ACCEPT      

Does it matter if the packet is the first of a new
connection?

Are these lines redundant in the sense they will all allow a
first connection packet through?

Are rules #2 and #3 the same?

Regards,

PH

++++++++++++
Padraig Houlahan
IT Manager
Lowell Observatory
Flagstaff, AZ
928-774-3358 x 214
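
Added example, not part of the original message: a small Python model of in-order, first-match evaluation for the three rules quoted above. The sample packets and their connection-tracking states are constructed inputs, and the model assumes only what iptables documents: rules are tried in chain order, ACCEPT ends traversal, and `--syn` is shorthand for `--tcp-flags SYN,RST,ACK,FIN SYN`.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    proto: str                      # "tcp", "udp", ...
    flags: frozenset = frozenset()  # TCP flags set on the packet
    ctstate: str = "NEW"            # state conntrack assigned (constructed input)

def is_syn(p):
    # --syn: SYN set, and RST, ACK, FIN all clear; TCP only.
    return p.proto == "tcp" and p.flags & {"SYN", "RST", "ACK", "FIN"} == {"SYN"}

# The three rules from the message, in chain order: (rule text, predicate).
RULES = [
    ("-s 1.2.3.4 -j ACCEPT",
     lambda p: p.src == "1.2.3.4"),
    ("-s 1.2.3.4 -m state --state NEW -j ACCEPT",
     lambda p: p.src == "1.2.3.4" and p.ctstate == "NEW"),
    ("-s 1.2.3.4 -p TCP --syn -j ACCEPT",
     lambda p: p.src == "1.2.3.4" and is_syn(p)),
]

def first_match(p):
    """1-based number of the rule that accepts p, or None (chain policy applies)."""
    for n, (_, pred) in enumerate(RULES, 1):
        if pred(p):
            return n
    return None

def all_matches(p):
    """Rule numbers that would match p if each rule were evaluated on its own."""
    return [n for n, (_, pred) in enumerate(RULES, 1) if pred(p)]

# Constructed sample packets (not captured traffic).
SAMPLES = {
    "tcp_syn":   Packet("1.2.3.4", "tcp", frozenset({"SYN"}), "NEW"),
    "tcp_ack":   Packet("1.2.3.4", "tcp", frozenset({"ACK"}), "ESTABLISHED"),
    "udp_first": Packet("1.2.3.4", "udp", frozenset(), "NEW"),
    "other_src": Packet("5.6.7.8", "tcp", frozenset({"SYN"}), "NEW"),
}

if __name__ == "__main__":
    for name, pkt in SAMPLES.items():
        print(f"{name:10} accepted by rule {first_match(pkt)}, "
              f"matching rules {all_matches(pkt)}")
```

In this model rule 1 accepts every packet from 1.2.3.4, so rules 2 and 3 are never reached for that source. Evaluated on their own, rules 2 and 3 differ: the first UDP packet of a flow matches the NEW rule but not the `--syn` rule.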

