On Fri, Nov 05, 2004 at 03:04:34PM +0000, Baruch Even wrote:
>ESTABLISHED,RELATED
>NEW
>INVALID
>pick two to cover the spectrum of attacks.

Why not all three in this order...

INVALID -j REJECT
ESTABLISHED,RELATED -j ACCEPT
NEW -j ACCEPT (if allowed)

I'm thinking PREROUTING is the best table (covers localhost, nat and bridge connections); but historically I've used it on INPUT.

// George

--
George Georgalis, systems architect, administrator Linux BSD IXOYE
http://galis.org/george/ cell:646-331-2027 mailto:[EMAIL PROTECTED]
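The three-rule ordering proposed above, written out as a complete iptables-restore ruleset; this is an added example, not code from the list post, and it assumes the filter table's INPUT chain with a DROP policy and a caller-supplied list of TCP ports that may receive NEW connections.

```shell
#!/bin/sh
# Added example (not from the list post): emit an iptables-restore ruleset
# for the filter table's INPUT chain in the order the reply proposes:
#   1. INVALID             -> REJECT
#   2. ESTABLISHED,RELATED -> ACCEPT
#   3. NEW                 -> ACCEPT, only for the TCP ports given as arguments
# Anything that matches none of them falls through to the chain's DROP policy.
# Usage (as root): gen_ruleset 22 80 > rules.v4 && iptables-restore < rules.v4

gen_ruleset() {
    printf '*filter\n'
    printf ':INPUT DROP [0:0]\n'
    printf ':FORWARD DROP [0:0]\n'
    printf ':OUTPUT ACCEPT [0:0]\n'
    # Loopback is trusted before any state matching happens.
    printf -- '-A INPUT -i lo -j ACCEPT\n'
    # 1. Packets conntrack cannot classify (bad TCP flag combinations,
    #    replies to connections it never saw) are rejected first.
    printf -- '-A INPUT -m state --state INVALID -j REJECT --reject-with icmp-port-unreachable\n'
    # 2. Fast path: traffic belonging to connections already being tracked.
    printf -- '-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT\n'
    # 3. New connections are accepted only for the services we chose to expose.
    for port in "$@"; do
        printf -- '-A INPUT -p tcp --dport %s -m state --state NEW -j ACCEPT\n' "$port"
    done
    printf 'COMMIT\n'
}

# rule_position STATE: 1-based line number of the first rule whose
# --state argument starts with STATE, so the ordering can be checked.
rule_position() {
    gen_ruleset 22 | grep -n -- "--state $1" | head -n 1 | cut -d: -f1
}
```

With no port arguments the ruleset still rejects INVALID and accepts tracked traffic, but opens no listening service at all.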