On 22.03.2016 19:55, Christian Robottom Reis wrote:
Hello there,

In periodically looking at my firewall logs I've always noticed that from time to time a certain pattern will show up in my logs which indicates that a legitimate stream which should have been marked RELATED/ESTABLISHED isn't.

I have the following rules set up to allow related incoming traffic:

    -A INPUT -i eth3 -p tcp -m tcp --dport 10000:65535 -m state --state RELATED,ESTABLISHED -j ACCEPT
    -A INPUT -i eth3 -p tcp -m tcp --sport 10000:65535 -m state --state RELATED,ESTABLISHED -j ACCEPT

AIUI this is what allows the response from a website request to be targeted ACCEPT in the INPUT chain. However, my logs show that sometimes this doesn't work. Here's a recent example:
[...]

Hello,

try to drop --state INVALID and check if you still see them.

Best regards,
Mart
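As an added example (not code from the thread), a small audit script for the ordering Mart's suggestion implies: iptables walks INPUT top to bottom, so a packet conntrack classifies as INVALID never matches the RELATED,ESTABLISHED ACCEPT rules and falls through to whatever logs it, unless a `--state INVALID -j DROP` rule sits above them. The function names and the embedded iptables-save dump are constructed for this example.

```shell
#!/bin/sh
# Audit an iptables-save dump on stdin: does the INPUT chain DROP
# conntrack-INVALID packets before it ACCEPTs RELATED,ESTABLISHED?
# Prints one word: ok | after | missing
check_invalid_drop() {
    awk '
        /^-A INPUT / && /-state INVALID/ && /-j DROP/ {
            if (!rel) drop_first = 1   # seen before any RELATED,ESTABLISHED ACCEPT
            drop = 1
        }
        /^-A INPUT / && /-state RELATED,ESTABLISHED/ && /-j ACCEPT/ { rel = 1 }
        END {
            if (!drop)           print "missing"
            else if (drop_first) print "ok"
            else                 print "after"
        }'
}

# Rewrite a dump on stdin so that an INVALID DROP for interface $1 is
# inserted just above the first RELATED,ESTABLISHED ACCEPT in INPUT.
add_invalid_drop() {
    awk -v iface="$1" '
        /^-A INPUT / && /-state RELATED,ESTABLISHED/ && /-j ACCEPT/ && !inserted {
            print "-A INPUT -i " iface " -m state --state INVALID -j DROP"
            inserted = 1
        }
        { print }'
}

# Constructed sample: the two ACCEPT rules from the post, no INVALID drop.
SAMPLE_RULES='*filter
:INPUT DROP [0:0]
-A INPUT -i eth3 -p tcp -m tcp --dport 10000:65535 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i eth3 -p tcp -m tcp --sport 10000:65535 -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT'

# Live usage on a host would be:  iptables-save | check_invalid_drop
```

Running `printf '%s\n' "$SAMPLE_RULES" | check_invalid_drop` reports `missing`; piping the dump through `add_invalid_drop eth3` first makes the same check report `ok`.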