> I have tested this, as I'm running SSH, and as you can see here in the printout
> of my packets, I don't even need an Established/Related rule for SSH from the
> Internet or internally; this is handled by the IP_conntrack module and so on.. :-)
I must not be understanding what you're saying here, because you definitely need both a NEW and an ESTABLISHED rule. In fact, this should always apply, and I would be rather disappointed in netfilter if there were any exceptions. I don't think you need a RELATED rule, however (at least it seems to function without one).

FWIW, to the original poster: I log incoming NEW ssh connections and it has always worked and still does. If I connect twice, it logs it twice. Kernel version: 2.4.18, iptables version: 1.2.6a.

Good luck,

Matt
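Matt's NEW-plus-ESTABLISHED point in concrete form. This is an added example, not code posted by either participant: a minimal INPUT chain using the iptables 1.2.x `state` match that logs and accepts NEW SSH connections and accepts ESTABLISHED/RELATED packets, plus a small check that a saved ruleset (iptables-save text) actually carries both rules. The `IPT` variable, the function names and the two sample rulesets are assumptions constructed for the example, not captured output.

```shell
#!/bin/sh
# Added example, not from the thread. Minimal INPUT chain for SSH using the
# iptables 1.2.x "state" match, and a check that a saved ruleset has both the
# NEW and the ESTABLISHED rule Matt describes.

IPT=${IPT:-iptables}   # assumption: iptables in PATH; run as root to apply

apply_ssh_rules() {
    # Default deny, so only the explicit rules below let SSH through.
    $IPT -P INPUT DROP
    $IPT -A INPUT -i lo -j ACCEPT
    # Only the first SYN of an SSH session is NEW. Every later packet from the
    # client (the ACK of the handshake, key exchange, keystrokes) is ESTABLISHED
    # and would hit the DROP policy without this rule. RELATED additionally
    # admits ICMP errors tied to a tracked connection.
    $IPT -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    # One LOG line per new SSH connection, then accept it.
    $IPT -A INPUT -p tcp --dport 22 -m state --state NEW \
        -j LOG --log-prefix "SSH NEW: "
    $IPT -A INPUT -p tcp --dport 22 -m state --state NEW -j ACCEPT
}

# check_ssh_rules RULESET: RULESET is iptables-save text. Returns 0 when the
# INPUT chain both accepts ESTABLISHED traffic and accepts NEW tcp/22, else 1.
check_ssh_rules() {
    ruleset=$1
    printf '%s\n' "$ruleset" \
        | grep -Eq -- '^-A INPUT .*--state [A-Z,]*ESTABLISHED[A-Z,]* -j ACCEPT' \
        || return 1
    printf '%s\n' "$ruleset" \
        | grep -Eq -- '^-A INPUT .*-p tcp .*--dport 22 .*--state NEW -j ACCEPT' \
        || return 1
    return 0
}

# Constructed sample dumps (the shape iptables-save prints), not captured output.
GOOD_RULESET='-P INPUT DROP
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -j LOG --log-prefix "SSH NEW: "
-A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -j ACCEPT'

# Same chain with the ESTABLISHED rule left out: the SYN is accepted, the rest
# of the handshake is dropped by the policy, and ssh hangs.
BAD_RULESET='-P INPUT DROP
-A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -j ACCEPT'

# Usage: sh ssh_rules.sh apply   (as root) loads the chain above
#        sh ssh_rules.sh check   checks the live ruleset via iptables-save
case "${1:-}" in
    apply) apply_ssh_rules ;;
    check) check_ssh_rules "$(iptables-save)" \
               && echo "ok: NEW and ESTABLISHED rules present for SSH" ;;
esac
```

The check deliberately inspects the saved ruleset rather than trusting a live test: a connection attempt from a host that already has a tracked entry can succeed for a while after the ESTABLISHED rule is removed, which is one way a "works without it" observation can arise.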
