> Are there any differences between > > iptables -A FORWARD -p tcp -i ppp0 --dport 80 \ > -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT > > and > > iptables -A FORWARD -p tcp -i ppp0 --dport 80 -j ACCEPT The first won't match INVALID but the second will.