Sat, 7 Jul 2001 02:04:37 +0100 (BST)
I wonder if I might pick the collective braincells for a moment.
I have now rewritten my iptables rules to specify the state of everthing I
am allowing. Accept certain RELATED and ESTABLISHED and specify NEW as
well as the port number for ok stuff. My previous setup was really just a
simplistic port of the old ipchains rules.
I have two questions if I may.
Firstly, am I right in thinking that this will allow certain more subtle
probes to be logged, where if the whole of a protocol was allowed it might
Second, I am concerned if it might have loading implications on the fairly
old and clunky box I am using as my firewall.
Hope someone can enlighten me.