On Tue, 19 Jun 2007, Robert Nichols wrote:
> R. DuFresne wrote:
>> On Fri, 1 Jun 2007, Martijn Lievaart wrote:
>>> A connection is in the ESTABLISHED state once a packet has been seen. So
>>> once the SYN is seen, the state is ESTABLISHED.
>> No, it is in state "new" with a mere syn sent.
> You have to specify whether you are talking about the TCP connection
> status or the conntrack status. A mere SYN is sufficient to make an
> ESTABLISHED status in conntrack. If that were not true, then when
> I send a TCP SYN packet the SYN/ACK would never make it back through
> my firewall.
Remember, you filter upon the state: new, established and related <ignoring
invalid here>. I was correct, you need to review the filtering contexts <smile>.
Thanks,
Ron DuFresne
- --
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
admin & senior security consultant: sysinfo.com
http://sysinfo.com
Key fingerprint = 9401 4B13 B918 164C 647A E838 B2DF AFCC 94B0 6629
...We waste time looking for the perfect lover
instead of creating the perfect love.
-Tom Robbins <Still Life With Woodpecker>
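Added example, not part of the original message or thread: a simplified Python model of how netfilter conntrack labels each packet of one TCP handshake for the iptables state match, which is separate from the TCP state held by the endpoints. The class and function names and the addresses are constructed for illustration, and RELATED, INVALID and timeouts are left out.

```python
# Simplified model of the label netfilter conntrack gives each packet for
# the iptables "state" match. One flow only; RELATED, INVALID, timeouts
# and TCP window tracking are not modelled.

class Conntrack:
    def __init__(self):
        # original-direction tuple -> True once a reply packet was seen
        self.flows = {}

    def classify(self, src, sport, dst, dport):
        """Return the state a filter rule would match for this packet."""
        orig = (src, sport, dst, dport)
        reply = (dst, dport, src, sport)
        if reply in self.flows:
            # Packet travels in the reply direction of a tracked flow.
            self.flows[reply] = True
            return "ESTABLISHED"
        if orig in self.flows:
            # Original direction: ESTABLISHED only after a reply was seen.
            return "ESTABLISHED" if self.flows[orig] else "NEW"
        # First packet of an unknown flow creates the entry.
        self.flows[orig] = False
        return "NEW"


def run_handshake():
    """Classify the packets of one handshake (constructed addresses)."""
    ct = Conntrack()
    client = ("192.0.2.10", 40000)
    server = ("198.51.100.5", 80)
    return [
        ("SYN", ct.classify(*client, *server)),
        ("SYN retransmit", ct.classify(*client, *server)),
        ("SYN/ACK", ct.classify(*server, *client)),
        ("ACK", ct.classify(*client, *server)),
    ]


if __name__ == "__main__":
    for packet, state in run_handshake():
        print(f"{packet:15} -> {state}")
```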