Matthew Babcock a écrit : > > > I know iptables -A INPUT -m state --state INVALID -j DROP works well. > And it does pick out invalid (aka out of state) UDP packets. DNS is one > additional example.
AFAIK, UDP packets cannot be in the INVALID state. Can you provide an example of a UDP DNS packet in the INVALID state ? -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
