On Fri, Apr 19, 2002 at 02:48:42PM +0100, Antony Stone wrote:

> On Friday 19 April 2002 2:39 pm, Ramin Alidousti wrote:
>
> > Is it not because of the NEW state in the second and third rule?
> > Once the first rule matches then the conntrack entry gets created
> > for that connection which makes it an ESTABLISHED for the second
> > and third rule.
>
> Surely a NEW connection can only become ESTABLISHED after the first packet
> has been ACCEPTed, and the next packet/s come along in the TCP three-way
> handshake ?
>
> If a "-j LOG" rule could turn a NEW connection into an ESTABLISHED one, then
> a lot of the stuff I drop after logging it would appear to be ESTABLISHED -
> not at all what I want !

OK. Sounds logical.

Ramin

> Antony.
