On Sat, 15 Jun 2002, Hard__warE wrote:

> >>On Wed, 8 May 2002, Ing. Christian Ogris wrote:
> >> I connect from Box A via SSH to Box B, where the firewall runs, and I
> >>get the state "NEW" on the first packet.
> >> Then - the first connection is still established - I connect AGAIN from
> >>Box A to Box B and do NOT get the state "NEW" anymore. (So obviously
> >> it's already accepted by the ESTABLISHED,RELATED -j ACCEPT rule).
> >> Is this behavior correct?
>
> >No. But so far nobody has reported such an ill-behaviour. I assume
> >something is wrong in your setup/logging.

> I have tested this as I'm running SSH and as you can see here in the print
> out of my packets that

There is no such printout in your mail. The output of netcat is not equal
to the output of the logs generated by the LOG target.

> SSH needs to establish an ESTABLISHED connection to the server before any
> data is correctly Encrypted .. :D

Sorry, you misunderstand the different levels. The encryption in any TCP
stream plays no role in the (connection) tracking of the TCP stream
itself.

Regards,
Jozsef
-
E-mail  : [EMAIL PROTECTED], [EMAIL PROTECTED]
WWW-Home: http://www.kfki.hu/~kadlec
Address : KFKI Research Institute for Particle and Nuclear Physics
          H-1525 Budapest 114, POB. 49, Hungary
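
The two points made in this thread, shown as an added example that is not part of the original mail and is not netfilter code: a simplified model of state matching that looks only at addresses and ports, so a second SSH connection from Box A is NEW again and the payload never affects the result. It assumes the second connection uses a different source port; the addresses, ports and payload bytes are constructed, and protocol, TCP flags and timeouts are left out.

```python
from collections import namedtuple

# Constructed sample packets: header fields plus an opaque payload.
Packet = namedtuple("Packet", "src sport dst dport payload")

class ConnTracker:
    """Simplified model of conntrack state matching (not netfilter's code)."""

    def __init__(self):
        self.seen_reply = {}  # original-direction tuple -> reply seen yet?

    def classify(self, pkt):
        """Return 'NEW' or 'ESTABLISHED' from header fields only."""
        orig = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        reply = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if reply in self.seen_reply:
            # Packet travels in the reply direction of a tracked connection.
            self.seen_reply[reply] = True
            return "ESTABLISHED"
        if orig not in self.seen_reply:
            # First packet of a tuple the tracker has never seen.
            self.seen_reply[orig] = False
            return "NEW"
        # Original direction: ESTABLISHED only once a reply has been seen.
        return "ESTABLISHED" if self.seen_reply[orig] else "NEW"

def trace(packets):
    """Classify a packet sequence with a fresh tracker."""
    tracker = ConnTracker()
    return [tracker.classify(p) for p in packets]

A, B = "192.0.2.10", "192.0.2.20"  # documentation addresses (constructed)
SAMPLE = [
    Packet(A, 40001, B, 22, b""),              # 1st SSH connection, first packet
    Packet(B, 22, A, 40001, b""),              # reply from Box B
    Packet(A, 40001, B, 22, b"\x8f\x1c\x07"),  # encrypted data, same connection
    Packet(A, 40002, B, 22, b""),              # 2nd SSH connection, new source port
    Packet(B, 22, A, 40002, b""),              # reply from Box B
]

if __name__ == "__main__":
    for pkt, state in zip(SAMPLE, trace(SAMPLE)):
        print(pkt.src, pkt.sport, "->", pkt.dst, pkt.dport, state)
```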

