On 1/14/07, Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote:
> TheGesus wrote:
> > However, for any "ESTABLISHED" connections nothing happens.
> > ipq_set_verdict returns the same status (IPQM_PACKET - 0x1C) in both
> > cases but the packets breeze on through for "ESTABLISHED" connections.
> >
> > I should note I'm doing nothing to the packets and simply returning an
> > NF_DROP or NF_ACCEPT.
> >
> > The iptables rules are kept as simple as possible. I have tried both
> >
> > -A INPUT -p udp -m udp --dport 7777 -j QUEUE
>
> Probably there is one rule before this one above that lets packets that
> belong to established connections go through.
No. There isn't. There is one ACCEPT rule beyond it which deals with the other ports (udp 7778-7790), which are of no interest to the QUEUE code. There are only two rules.
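Pablo's suggestion above (a rule in front of the QUEUE rule that accepts ESTABLISHED traffic) is the cheapest thing to rule out, and it is safer to read the live ruleset than to go from memory. The script below is an added example for this thread, not code from the original post or from the netfilter project. It parses iptables-save text and, for the first `-j QUEUE` rule in a chain, lists the earlier rules that would terminate matching packets before QUEUE ever sees them: anything matching on conntrack state, and any ACCEPT/DROP/REJECT with no protocol or port restriction. The two embedded rulesets are constructed, one modelled on the two rules TheGesus describes and one on the case Pablo suspects; the function names `parse_chain` and `rules_shadowing_queue` are chosen here.

```python
"""
List rules that sit in front of a '-j QUEUE' rule in the same chain and
would stop matching packets from reaching the QUEUE target.

Added example for this thread; not code from the original post or from
the netfilter project.  Input is iptables-save syntax.
"""
import re
import sys

# Constructed: the two-rule INPUT chain as described in the thread.
RULES_AS_DESCRIBED = """\
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p udp -m udp --dport 7777 -j QUEUE
-A INPUT -p udp -m udp --dport 7778:7790 -j ACCEPT
COMMIT
"""

# Constructed: the same chain with a conntrack ACCEPT placed first,
# which is the situation Pablo suspected.
RULES_WITH_STATE_ACCEPT = """\
*filter
:INPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p udp -m udp --dport 7777 -j QUEUE
-A INPUT -p udp -m udp --dport 7778:7790 -j ACCEPT
COMMIT
"""

# Matches both the old '-m state --state ...' and '-m conntrack --ctstate ...'
STATE_RE = re.compile(r"--(?:ct)?state\s+(\S+)")

# Targets that end rule traversal for a matching packet; LOG, MARK etc. do not.
TERMINATING = ("ACCEPT", "DROP", "REJECT")


def parse_chain(save_text, chain):
    """Return the '-A <chain> ...' rules of one chain, in table order."""
    prefix = "-A %s " % chain
    return [ln.strip() for ln in save_text.splitlines()
            if ln.strip().startswith(prefix)]


def rule_target(rule):
    """Jump target of a rule ('ACCEPT', 'QUEUE', ...) or None if it has none."""
    if " -j " not in rule:
        return None
    return rule.split(" -j ", 1)[1].split()[0]


def rules_shadowing_queue(save_text, chain="INPUT"):
    """
    For the first '-j QUEUE' rule in `chain`, return the earlier rules that
    can consume packets destined for it: terminating rules that match on
    conntrack state, or terminating rules with no -p / --dport restriction.
    """
    rules = parse_chain(save_text, chain)
    queue_idx = next((i for i, r in enumerate(rules)
                      if rule_target(r) == "QUEUE"), None)
    if queue_idx is None:
        return []
    shadowing = []
    for rule in rules[:queue_idx]:
        if rule_target(rule) not in TERMINATING:
            continue
        if STATE_RE.search(rule):
            shadowing.append(rule)          # e.g. --state ESTABLISHED -j ACCEPT
        elif " -p " not in rule and "--dport" not in rule:
            shadowing.append(rule)          # catch-all ACCEPT/DROP/REJECT
    return shadowing


if __name__ == "__main__":
    # Read a real 'iptables-save' dump from stdin, else use the constructed one.
    text = sys.stdin.read() if not sys.stdin.isatty() else RULES_WITH_STATE_ACCEPT
    found = rules_shadowing_queue(text)
    if not found:
        print("no rule in front of QUEUE matches on state or catches all traffic")
    for r in found:
        print("shadows QUEUE:", r)
```

Run it as `iptables-save | python3 check_queue.py` on the host in question. Independently of the parse, `iptables -L INPUT -v -n --line-numbers` shows per-rule packet counters, so a quick before/after look while sending traffic from an established flow tells you which rule the packets actually hit.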