Module conntrack question

Hi.

I have a general question about module conntrack.

Assume I have a firewall rule allowing all -m conntrack --ctstate RELATED,ESTABLISHED packets.

Also assume I have another firewall rule with a simple definition like
-A INPUT -p tcp --dport 80 -j ACCEPT
with no -m conntrack --ctstate NEW -j ACCEPT.

Will the traffic which wants to go to port 80 be identified as RELATED, even if I did not use -m conntrack --ctstate NEW in my rule that allows talking to port 80?

Or will the traffic be rejected since the NEW package was not handled by -m conntrack initially?

Thanks
Stefanie


