(no subject)

[Andrew Meredith]

Hi Folks,

I wonder if I might pick the collective braincells for a moment.

I have now rewritten my iptables rules to specify the state of everthing I
am allowing. Accept certain RELATED and ESTABLISHED and specify NEW as
well as the port number for ok stuff. My previous setup was really just a
simplistic port of the old ipchains rules.

I have two questions if I may.

Firstly, am I right in thinking that this will allow certain more subtle
probes to be logged, where if the whole of a protocol was allowed it might
not.

Second, I am concerned if it might have loading implications on the fairly
old and clunky box I am using as my firewall.

Hope someone can enlighten me.

Andy M