BJ Freeman <bjfree@xxxxxxxxxxxx> writes: > sorry about the post did not do a reply all and sent a personal replay > yes in the chain I have > ACCEPT all -- anywhere anywhere state > RELATED,ESTABLISHED > it is the next to last rule. You sure that works? This notation for iptables isn't familiar to me, but I'd have thought you have to specify the "state" module. The comparable line in my iptables looks like -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT Come to think of it, the "state NEW" test in your other line would have to addressed to the state module as well. BTW, usual practice is to put the established-connections rule near the start of the chain, not the end, on the grounds that the majority of packets the kernel will see will match this rule and so you want to test it sooner rather than later. regards, tom lane -- Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
