On Friday 21 June 2002 4:33 pm, Christian Seberino wrote: > My firewall iptables script has rules > to drop lots of packets and only forward > certain packets..... > > I've seen lots of iptables scripts that > have rules with "--state RELATED" > and "--state ESTABLISHED". > > I know these have to do with TCP packets > related to an existing TCP connection and such. > > *What* are these rules good for? I didn't > use them and couldn't see a need for them.
http://www.netfilter.org/documentation/HOWTO//packet-filtering-HOWTO-7.html#ss7.3 Look down until you find "the state match" section. Antony
