Is there any advantage/disadvantage of using state for DROPS and REJECTS ? I noticed I had the following rules which I really don't understand on my transparent bridge.`
IPTABLES="/sbin/iptables" OINT="eth1" $IPTABLES -I FORWARD -m state --state INVALID -j DROP $IPTABLES -A FORWARD -p tcp -m state -m physdev --physdev-in $OINT -s 129.2.16.23/32 --destination-port 25 --state NEW,ESTABLISHED,RELATED -j REJECT $IPTABLES -A FORWARD -p tcp -m state -m physdev --physdev-in $OINT --destination-port 1:1024 --state NEW,ESTABLISHED,RELATED -j REJECT $IPTABLES -A FORWARD -p udp -m state -m physdev --physdev-in $OINT --destination-port 1:1024 --state NEW,ESTABLISHED,RELATED -j REJECT -- ------------------------------------------ Ted Knab Chester, Maryland 21619 USA ------------------------------------------ The perception of knowledge is an egotistical farce in which humans extrapolate from simplifications. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
