Thanks for the reply, but I still can't understand the difference.

First I made:

1 ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
2 ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh

Here I can ssh to the host.

Then I removed the second rule, to be:

1 ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED

Here I could not ssh to this host.

I can't understand the logic. Can you explain to me why in the first state I can't ssh and in the second I can't?

"Gaddis, Jeremy L." <jeremy@xxxxxxxxxxxx> wrote:

On 1/18/07, tamer amr wrote:
> Hi, I have a strange problem.
> Why can any host ssh to me in the first list but not in the second list?
>
> Please, I want to understand this case.

Seeing as how the only difference between the two is a single rule, I
would hope it's obvious where you should be looking.

> 2 ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh

In the first list, you're explicitly allowing "NEW" connections to the
"ssh" port in. In the second list, you're simply allowing traffic for
any already "ESTABLISHED" connections.

Please tell me this makes sense to you.

--
Jeremy L. Gaddis, MCP, GCWN
http://www.linuxwiz.net/

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
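
The two rule lists from the thread, run through a simplified Python model of first-match chain evaluation. This is an added example, not part of the original messages. The DROP fallback for unmatched packets and the single-flag connection tracking are assumptions, since the thread shows only the ACCEPT rules.

```python
# Simplified model of how an iptables chain treats one inbound ssh flow.
# Rule contents come from the thread; everything else is an assumption.
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    target: str
    states: frozenset            # conntrack states this rule matches
    proto: str = "all"
    dport: Optional[int] = None  # None means any destination port


# List 2 from the thread: only the RELATED,ESTABLISHED rule.
ESTABLISHED_ONLY = [Rule("ACCEPT", frozenset({"RELATED", "ESTABLISHED"}))]
# List 1 from the thread: the same rule plus "state NEW tcp dpt:ssh".
WITH_SSH = ESTABLISHED_ONLY + [Rule("ACCEPT", frozenset({"NEW"}), "tcp", 22)]


def verdict(chain, state, proto, dport, fallback="DROP"):
    """First matching rule wins; unmatched packets get the fallback
    (assumed DROP, standing in for the chain policy or a final reject rule)."""
    for rule in chain:
        if (state in rule.states
                and rule.proto in ("all", proto)
                and rule.dport in (None, dport)):
            return rule.target
    return fallback


def ssh_session(chain, packets=3):
    """Send `packets` packets of one inbound ssh flow and return
    (state, verdict) for each. A flow only becomes ESTABLISHED after
    its first packet has been accepted (simplified connection tracking)."""
    tracked = False
    results = []
    for _ in range(packets):
        state = "ESTABLISHED" if tracked else "NEW"
        v = verdict(chain, state, "tcp", 22)
        results.append((state, v))
        if v == "ACCEPT":
            tracked = True
    return results


if __name__ == "__main__":
    print("with ssh rule:   ", ssh_session(WITH_SSH))
    print("established only:", ssh_session(ESTABLISHED_ONLY))
```

With only the RELATED,ESTABLISHED rule, every retransmitted SYN is still in state NEW, so the flow never reaches the state that rule accepts.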