* Zachary Uram: > iptables -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
You should restrict RELATED to ICMP. For TCP and UDP, RELATED can open up your internal network to the outside world (depending on what firewall helpers you have loaded). -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
