states and UDP
Steven M Campbell
Netfilter at SCampbell.net
Fri Mar 3 15:44:13 CET 2006
T. Horsnell wrote:
> Am I right in thinking that the stateful capabilities
> of iptables (NEW/ESTABLISHED/RELATED etc) only apply to
> tcp connections? If not, how are these states defined for
> udp?
>
> iptables doesnt complain if I add a rule containing
> '-p udp -m state --state NEW'
>
> Thanks,
> Terry.
>
>
any tracked connection can have state. For instance, one could write a
conneciton tracker for NFS over UDP mounts and use the state flag in
firewall rules. That's not a real example (to my knowledge), I'm just
showing that the capability is there.
More information about the netfilter
mailing list