Flag SYN not necessarily state NEW?
Sat, 15 Jun 2002 16:52:03 +0200
Matthew Hellman wrote:
> I must not be understanding what you're saying here, because you
> definitely need both a NEW and ESTABLISHED rule. In fact, this should
> always apply and I would be rather disappointed in netfilter if there
> were any exceptions. Don't think you need a RELATED rule however (at
< least it seems to function without one). FWIW to the original poster,
> I log incoming NEW ssh connections and it has always worked and still
> does. If I connect twice, it logs it twice. kernel version: 2.4.18,
> iptables version: 1.2.6a.
I have to excuse my question from 8.5., it was at a time where i just
started to play around with iptables (used ipchains before).
My posting came very delayed to this mailing-list (more than a month),
and in the meanwhile i can't "reproduce" this behaviour anymore. So i
think it was just a mistake on my side (wrong logging or whatever, some
mistake of a beginner :)).