Re: iptables

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 
ESTABLISHED,RELATED allows packets which are part of an established TCP connection i.e. the 3-way SYN-SYN/ACK-ACK has completed with no subsequent RST. It also allows UDP packets from a source IP/port which was a destination within the past 30s.
The ESTABLISHED state doesn't just apply to packets in an established tcp connection though, it also allows packets which are part of the initial connection exchange, the syn-ack packet, otherwise you would also need rules to allow out these packets. 

John



--
Nigel Wade, System Administrator, Space Plasma Physics Group,
           University of Leicester, Leicester, LE1 7RH, UK
E-mail :    nmw@xxxxxxxxxxxx
Phone :     +44 (0)116 2523548, Fax : +44 (0)116 2523555

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list



--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

[Index of Archives]     [CentOS]     [Kernel Development]     [PAM]     [Fedora Users]     [Red Hat Development]     [Big List of Linux Books]     [Linux Admin]     [Gimp]     [Asterisk PBX]     [Yosemite News]     [Red Hat Crash Utility]

  Powered by Linux