state NEW

Jochen Vogel jvogel at it-sec.de
Fri Nov 19 10:31:46 CET 2004


hi,

I have the following forwarding rules:

$IPT -A FORWARD -i $INT -o $EXT -m state --state NEW,ESTABLISHED,RELATED -j QUEUE
$IPT -A FORWARD -i $EXT -o $INT -m state --state ESTABLISHED,RELATED -j ACCEPT

If I send an ACK with hping from INT to EXT, it reaches the target system.

If I do

$IPT -A FORWARD -i $INT -o $EXT -m state --state NEW -j ACCEPTLOG
$IPT -A FORWARD -i $EXT -o $INT -m state --state ESTABLISHED,RELATED -j ACCEPT

I can see the following:

Nov 19 12:05:20 snolin kernel: ACPT IN=eth0 OUT=ppp0 SRC=1.1.1.1 DST=2.2.2.2 LEN=40 TOS=0x00 PREC=0x00 TTL=63 ID=12368 PROTO=TCP SPT=2618 DPT=63 WINDOW=512 RES=0x00 ACK URGP=0

Did I have a false understanding of NEW, or what's wrong?

thx for help
jo
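Added example, not part of the post above: connection tracking classifies any packet that matches no tracked connection as NEW, so a bare ACK from hping with no prior SYN is NEW and passes a plain `--state NEW` rule (on current kernels this is the nf_conntrack_tcp_loose pickup behaviour). The script below shows the usual guard, a `-p tcp ! --syn` rule in front of the NEW rule, and a small awk filter that reports accepted TCP log entries without a SYN flag, run here on the log line from the post. `$IPT`, `$INT` and `$EXT` are assumed to be set as in the post.

```shell
#!/bin/sh
# Added example (not from the original post). Assumed variables, with the
# post's interface names as defaults.
IPT=${IPT:-iptables}
INT=${INT:-eth0}
EXT=${EXT:-ppp0}

# Emit the FORWARD rule set, printed rather than executed so it can be
# reviewed first. The first two rules catch TCP packets that conntrack
# calls NEW but that do not carry SYN (e.g. a bare ACK with no prior
# handshake) and log/drop them before the general NEW rule is reached.
netfilter_rules() {
    cat <<EOF
$IPT -A FORWARD -i $INT -o $EXT -p tcp ! --syn -m state --state NEW -j LOG --log-prefix "NEW_NOSYN "
$IPT -A FORWARD -i $INT -o $EXT -p tcp ! --syn -m state --state NEW -j DROP
$IPT -A FORWARD -i $INT -o $EXT -m state --state NEW,ESTABLISHED,RELATED -j QUEUE
$IPT -A FORWARD -i $EXT -o $INT -m state --state ESTABLISHED,RELATED -j ACCEPT
EOF
}

# Read kernel LOG lines on stdin; for every entry with the ACPT prefix that
# is TCP and has no SYN flag, print "SRC:SPT>DST:DPT FLAGS" (flags joined
# with commas). Lines with SYN, or non-TCP lines, produce no output.
flag_non_syn_new() {
    awk '
    /ACPT / && / PROTO=TCP / && !/ SYN / {
        src = ""; dst = ""; spt = ""; dpt = ""; flags = ""
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^SRC=/) src = substr($i, 5)
            else if ($i ~ /^DST=/) dst = substr($i, 5)
            else if ($i ~ /^SPT=/) spt = substr($i, 5)
            else if ($i ~ /^DPT=/) dpt = substr($i, 5)
            else if ($i ~ /^(SYN|ACK|FIN|RST|PSH|URG)$/)
                flags = (flags == "" ? $i : flags "," $i)
        }
        print src ":" spt ">" dst ":" dpt " " flags
    }'
}
```

Feeding the post's ACPT line to `flag_non_syn_new` reports `1.1.1.1:2618>2.2.2.2:63 ACK`, i.e. a NEW accept that never saw a SYN.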

