Re: Iptables SYN and NEW packets
From: Tim Haynes (usenet-20041122_at_stirfried.vegetable.org.uk)
Date: 11/22/04
Date: Mon, 22 Nov 2004 08:09:47 +0000
mark_3094@yahoo.com (Luke Robertson) writes:
> Just a really quick question.
> What is the difference between a SYN packet, and a NEW state?
> If I were to match for either of those, would I get the same result?
You don't need to have a SYN flag set in order for a packet to be NEW (for
one thing, you don't need to be talking TCP); you'll catch far more by
filtering stuff that isn't ESTABLISHED,RELATED.
~Tim
--
08:09:03 up 96 days, 16:48, 0 users, load average: 0.18, 0.16, 0.09
piglet@stirfried.vegetable.org.uk |Headlights flash in the darkness
http://spodzone.org.uk/cesspit/ |Memories twist in the rain
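
An added example, not part of the original post: a simplified Python model of connection tracking run over constructed packets, showing which ones are NEW and which would match `--syn`. It assumes loose TCP pickup (a bare ACK with no tracked flow counts as NEW) and leaves out RELATED, INVALID and timeouts; `ToyConntrack`, `syn_match`, `classify`, `caught` and the sample addresses are hypothetical names and values.

```python
from collections import namedtuple

# Constructed packet record; flags is a set of TCP flag names (empty for UDP/ICMP).
Pkt = namedtuple("Pkt", "proto src sport dst dport flags")

def syn_match(p):
    """iptables '-p tcp --syn': SYN set, and ACK, RST, FIN all clear."""
    return p.proto == "tcp" and "SYN" in p.flags and not p.flags & {"ACK", "RST", "FIN"}

class ToyConntrack:
    """Simplified model: no RELATED/INVALID, no timeouts, loose TCP pickup assumed."""
    def __init__(self):
        self.flows = {}  # original-direction tuple -> True once a reply was seen

    def state(self, p):
        orig = (p.proto, p.src, p.sport, p.dst, p.dport)
        reply = (p.proto, p.dst, p.dport, p.src, p.sport)
        if reply in self.flows:          # packet answers a tracked flow
            self.flows[reply] = True
            return "ESTABLISHED"
        if orig in self.flows:           # same direction as the first packet
            return "ESTABLISHED" if self.flows[orig] else "NEW"
        self.flows[orig] = False         # first packet of an unseen flow
        return "NEW"

def classify(packets):
    """Return (state, matches --syn) for each packet, in order."""
    ct = ToyConntrack()
    return [(ct.state(p), syn_match(p)) for p in packets]

# Constructed sample traffic (documentation addresses), not a real capture.
A, B = "192.0.2.10", "198.51.100.5"
SAMPLE = [
    Pkt("tcp", A, 40000, B, 80, frozenset({"SYN"})),          # handshake start
    Pkt("tcp", B, 80, A, 40000, frozenset({"SYN", "ACK"})),   # reply to it
    Pkt("tcp", A, 40001, B, 22, frozenset({"ACK"})),          # bare ACK, no flow
    Pkt("udp", A, 5353, B, 53, frozenset()),                  # first UDP datagram
    Pkt("udp", B, 53, A, 5353, frozenset()),                  # its answer
    Pkt("icmp", A, 0, B, 0, frozenset()),                     # echo request
]

def caught(packets):
    """Count packets each filter would stop: 'not ESTABLISHED' vs '--syn' only."""
    res = classify(packets)
    return sum(s != "ESTABLISHED" for s, _ in res), sum(m for _, m in res)

if __name__ == "__main__":
    for p, (s, m) in zip(SAMPLE, classify(SAMPLE)):
        print(f"{p.proto:4} {p.src}:{p.sport} -> {p.dst}:{p.dport}  {s:11} --syn={m}")
    print("caught (not ESTABLISHED, --syn):", caught(SAMPLE))
```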