> What is the iptables syntax I should use to create to detect inbound > TCP packets with the ACK flag set, but there is no connection > established, i.e. sender is looking for a return RST to see if a port > is open or closed?
try: iptables -A INPUT -p tcp --tcp-flags ALL ACK -m state --state NEW -j LOG --log-prefix "ACK: " This will log packets that have only ACK flag set and not being a part of established connections. Regards, Maciej Soltysiak
