Hi,
I am working on a machine that needs to send SNMP informs, and receive ACKs
for these informs. I am using iptables as my firewall, and I need to find a
way to open a pinhole for the ACK to get back to me. My problem is that SNMP
informs are sent to a predefined UDP port (162) but the ACKs are returned
from a random port.
The following rules exist to allow established UDP sessions:
iptables -A INPUT -p udp -m state --state ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p udp -m state --state NEW,ESTABLISHED -j ACCEPT
My problem is that, since the source port of the ACK is a random one, the
ACKs are dropped. Is there a way to allow all incoming UDP packets with an
unknown source port and an established dest port?
Any help will be greatly appreciated,
Thanks,
Noa
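
Added example, not part of the original post: a simplified Python model of how the state match classifies the two kinds of ACK described above. It assumes connection tracking matches UDP replies on the exact mirrored 4-tuple and that INPUT falls through to a default DROP; the addresses, ports and names are constructed for illustration.

```python
from typing import NamedTuple


class Pkt(NamedTuple):
    src: str
    sport: int
    dst: str
    dport: int


class UdpConntrack:
    """Toy tracker: remembers which inbound tuples count as replies."""

    def __init__(self):
        self.reply_tuples = set()

    def track_outbound(self, pkt):
        # Only the exact mirror of the outbound tuple is a reply to this flow.
        self.reply_tuples.add(Pkt(pkt.dst, pkt.dport, pkt.src, pkt.sport))

    def state_of_inbound(self, pkt):
        return "ESTABLISHED" if pkt in self.reply_tuples else "NEW"


def input_verdict(ct, pkt):
    # Mirrors: iptables -A INPUT -p udp -m state --state ESTABLISHED -j ACCEPT
    # followed by an assumed default DROP policy.
    return "ACCEPT" if ct.state_of_inbound(pkt) == "ESTABLISHED" else "DROP"


def demo():
    ct = UdpConntrack()
    agent, manager = "192.0.2.10", "192.0.2.20"  # constructed addresses
    ct.track_outbound(Pkt(agent, 40001, manager, 162))  # the inform
    return {
        # ACK sent back from the port the inform was addressed to
        "ack_from_162": input_verdict(ct, Pkt(manager, 162, agent, 40001)),
        # ACK sent back from some other source port, as in the post
        "ack_from_random_port": input_verdict(ct, Pkt(manager, 51515, agent, 40001)),
    }


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name}: {verdict}")
```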