The idea is to have ESTABLISHED,RELATED rules both ways. Now, for incoming packets, you then drop any packets that are new but not SYN, in other words TCP stuff that has arrived out of sequence. The ESTABLISHED/RELATED ensures the rest of a valid connection is allowed through.
John

On Wed, 13 Dec 2006, tamer amr wrote:

> Hi, I want to know what the --syn option is doing in the iptables rule,
> because I want to know what the SYN,ACK packets are.

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
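The ruleset described in the reply above, written out as an added example (it is not part of the original thread). The `IPT` dry-run variable, the `apply_rules` function name and the SSH port 22 service are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the thread.
# IPT defaults to a dry run that only prints each command.
# Set IPT=iptables and run as root to load the rules for real.
IPT="${IPT:-echo iptables}"

apply_rules() {
    # Packets that conntrack has tied to a known connection pass, both ways.
    $IPT -A INPUT  -m state --state ESTABLISHED,RELATED -j ACCEPT
    $IPT -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

    # --syn is shorthand for --tcp-flags SYN,RST,ACK,FIN SYN: it matches a
    # TCP packet with SYN set and ACK, RST and FIN clear, i.e. the first
    # packet of a handshake. "! --syn" with state NEW therefore matches TCP
    # packets that would start a conntrack entry without being a proper
    # opening SYN (a stray ACK or SYN,ACK, for instance); those are dropped.
    $IPT -A INPUT -p tcp ! --syn -m state --state NEW -j DROP

    # A genuine new connection: a bare SYN to a service that is offered.
    # Port 22 is an assumed example service.
    $IPT -A INPUT -p tcp --syn --dport 22 -m state --state NEW -j ACCEPT
}

# Run only when executed as a script named firewall.sh (assumed name),
# so sourcing the file just defines the function.
case "$0" in
    *firewall.sh) apply_rules ;;
esac
```

After loading the rules for real, `iptables -L INPUT -v -n` shows per-rule packet counters, so hits on the DROP rule are visible there.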