iptables
John O'Loughlin
j.oloughlin at qmul.ac.uk
Wed Dec 13 16:17:39 UTC 2006
The idea is have ESTABLISHED,RELATED rules both ways, now for incoming
packets you then you drop any pakets that are new but not syn, in other
words tcp stuff that has arrived out of sequence. The
ESTABLISHED/RELATED ensures the rest of a valid conenection is allowed
through.
John
On Wed, 13 Dec 2006, tamer amr wrote:
> hi
>
> i want to know what is the --syn option doing in the iptables rule ?
>
>
> because i want to know what is the SYN,ACK packets ?
>
> ---------------------------------
> Check out the all-new Yahoo! Mail beta - Fire up a more powerful email and get things done faster.
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
>
More information about the redhat-list
mailing list