tamer amr wrote:
thank for replay
but i still cant understand the difference
frist i made
1 ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
2 ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
here i can ssh the host
then i removed the seconed rule to be
1 ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
here i cound not ssh this host
i can't understand the logic can you explain me why in the frist state
i cant ssh and in the second i can't
"Gaddis, Jeremy L." <jeremy@xxxxxxxxxxxx> wrote: On 1/18/07, tamer amr wrote:
hi i have a strang problem
why any host can ssh me in the first list but can't in the second list
please i want to understand this case
Seeing as how the only difference between the two is a single rule, I
would hope it's obvious where you should be looking.
2 ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
In the first list, you're explicitly allowing "NEW" connection to the
"ssh" port in. In the second list, you're simply allowing traffic for
any already "ESTABLISHED" connections.
Please tell me this makes sense to you.
You might understand if you'd try to learn what related, established,
new, state, tcp, dpt and ssh means. After you will do this the second
rule will become a humanly readable sentence.
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
