TheGesus wrote: > However, for any "ESTABLISHED" connections nothing happens. > ipq_set_verdict returns the same status (IPQM_PACKET - 0x1C) in both > cases but the packets breeze on through for "ESTABLISHED" connections. > > I should note I'm doing nothing to the packets and simply returning an > NF_DROP or NF_ACCEPT. > > The iptables rules are kept as simple as possible. I have tried both > > -A INPUT -p udp -m udp --dport 7777 -j QUEUE Probably there is one rule before this one above that let packets that belong to establish connections go through. -- The dawn of the fourth age of Linux firewalling is coming; a time of great struggle and heroic deeds -- J.Kadlecsik got inspired by J.Morris
