Hi,
Question relating to ESTABLISHED,RELATED rule.
Obviously at a minimum you need this for the INPUT chain.
It also seems to help a bit with the FORWARDING chain as well.
Is it necessary for the OUTPUT chain? Will it help problems with e.g.,
sometimes I see blocks when I visit a lot of websites (TCP/port 80) from
banner ads and such, would output help here, or?
This is the rule I am asking about, currently I do not use it and I
generally do not see any problems but I am curious how come some people
use this and others do not, what are the pros/cons each way?
iptables -I OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
Thanks,
Justin.
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
