Hi,

Looking over example IPTables rulesets dotted around the Internet, a lot of
them ACCEPT packets that are in state ESTABLISHED or RELATED, and DROP those
in the NEW state, and that tends to form the basis of the simplest INPUT or
FORWARD tables.

However, they don't seem to mention the INVALID state anywhere. I presume
this is a problem unless the policy for the relevant chain is DROP.  Is this
an oversight on the part of those config authors, or am I missing something?

-- 
FunkyJesus System Administration Team
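
Added example, not part of the original post: a packet in the INVALID state matches neither `--state ESTABLISHED,RELATED` nor `--state NEW`, so it falls through to later rules or the chain policy. The Python audit below reads `iptables-save` text and reports what settles INVALID packets in each chain; the sample ruleset, the `invalid_fate` name and the simplified matching model are assumptions made for illustration.

```python
# Constructed iptables-save output in the style the post describes
# (sample input, not taken from the post).
SAMPLE = """\
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -m state --state NEW -j DROP
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth1 -m state --state NEW -j ACCEPT
COMMIT
"""
HARDENED = SAMPLE.replace(
    "-A INPUT -m state --state NEW",
    "-A INPUT -m state --state INVALID -j DROP\n-A INPUT -m state --state NEW")
FINAL = ("ACCEPT", "DROP", "REJECT")

def invalid_fate(save_text, chains=("INPUT", "FORWARD")):
    """Map each chain to what decides the fate of INVALID packets.

    Simplified model (assumption): negated matches and jumps to user-defined
    chains are not followed, and a rule naming INVALID is taken to cover all
    INVALID traffic even if it also matches on interface or port.
    """
    policy, rules = {}, {c: [] for c in chains}
    for line in save_text.splitlines():
        parts = line.split()
        if line.startswith(":") and parts[0][1:] in rules:
            policy[parts[0][1:]] = parts[1]
        elif line.startswith("-A ") and parts[1] in rules:
            rules[parts[1]].append(parts[2:])
    fate = {}
    for chain in chains:
        fate[chain] = "policy " + policy.get(chain, "unknown")
        for args in rules[chain]:
            target = args[args.index("-j") + 1] if "-j" in args else None
            states = next((args[i + 1].split(",") for i, a in enumerate(args[:-1])
                           if a in ("--state", "--ctstate")), None)
            if target not in FINAL or (states and "INVALID" not in states):
                continue  # rule cannot decide an INVALID packet
            # A stateless DROP/REJECT only settles it when it is a catch-all.
            if states or target == "ACCEPT" or args == ["-j", target]:
                fate[chain] = "rule " + target + ("" if states else " (stateless)")
                break
    return fate

if __name__ == "__main__":
    print(invalid_fate(SAMPLE), invalid_fate(HARDENED))
```

A result of `policy ACCEPT` means INVALID packets are accepted by default in that chain, and `rule ACCEPT (stateless)` means an ACCEPT rule with no state match is reached before anything drops them.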