hmm is it possible that (if u use target LOG) your syslog just shows up
'blah: SYN packet received'
'last message repeated 2 times'
;)
On Wed, 8 May 2002, Ing. Christian Ogris wrote:
I connect from Box A via SSH to Box B, where the firewall runs, and I
get the state NEW on the
On Sunday 16 June 2002 7:04 pm, Geog Hofstetter wrote:
hmm is it possible that (if u use target LOG) your syslog just shows up
'blah: SYN packet received'
'last message repeated 2 times'
I would hope not - both the Source Port and the TCP ID number should be
different for the two
Yep, right, didn't think that far ;)
Then I think this phenomenon is neither explainable nor believable.
if a connection is going to be established
first SYN is sent
SYN,ACK is received
and ACK will be answered
(TCP three-way handshake)
I don't know any case where TCP connections are established(!)
I have tested this as I'm running SSH, and as you can see here in the
printout of my packets that
I don't even need an Established Related Rule for SSH from the Internet or
internally; this is handled
by the IP_conntrack module and so on .. :-) .
I must not be understanding what you're saying
Matthew Hellman wrote:
I must not be understanding what you're saying here, because you
definitely need both a NEW and ESTABLISHED rule. In fact, this should
always apply and I would be rather disappointed in netfilter if there
were any exceptions. Don't think you need a RELATED rule
On Sat, 15 Jun 2002, Hard__warE wrote:
On Wed, 8 May 2002, Ing. Christian Ogris wrote:
I connect from Box A via SSH to Box B, where the firewall runs, and I
get the state NEW on the first packet.
Then - the first connection is still established - I connect AGAIN from
Box A to Box B and do
On Wed, 8 May 2002, Ing. Christian Ogris wrote:
I connect from Box A via SSH to Box B, where the firewall runs, and I
get the state NEW on the first packet.
Then - the first connection is still established - I connect AGAIN from
Box A to Box B and do NOT get the state NEW anymore. (So
Good morning,
just wondering if the behavior I discovered yesterday on our iptables
firewall is OK:
I connect from Box A via SSH to Box B, where the firewall runs, and I
get the state NEW on the first packet.
Then - the first connection is still established - I connect AGAIN from
Box A to Box