Title: RE: Stateful inspection
But this is a security risk. The statefulness of the firewall isn't good enough for business use, I would say.
Is this because of iptables or netfilter? This is a rather important issue and the documentation on this is poor.
It seems that iptables' way of implementing stateful inspection is only a matter of speed?
-----Original Message-----
From: Sneppe Filip [mailto:[EMAIL PROTECTED]]
Sent: 24. april 2002 14:50
To: Sigmund Vegheim; [EMAIL PROTECTED]
Subject: RE: Stateful inspection

Sigmund,

Correct. Stuff doesn't just get dropped from the connection tracking,
not even after a script reloads the rules. So you have to be careful
with stuff that is still in /proc/net/ip_conntrack.

Regards,
Filip


-----Original Message-----
From: Sigmund Vegheim [mailto:[EMAIL PROTECTED]]
Sent: Wed 24/04/2002 13:53
To: 'Lee Evans'; Netfilter (E-mail)
Cc:
Subject: RE: Stateful inspection
Right! Of course. But this means that I cannot say that iptables walks
through the connection table and drops the already established connections
based on the new ruleset?

Sigmund

> -----Original Message-----
> From: Lee Evans [mailto:[EMAIL PROTECTED]]
> Sent: 24. april 2002 13:45
> To: Sigmund Vegheim; [EMAIL PROTECTED]
> Subject: RE: Stateful inspection
>
>
> It depends - If you have a rule in your firewall to allow ESTABLISHED
> connections through, and this comes *before* the rule to disallow any and
> all ssh traffic, the existing connections will fall under the first rule
> and the connection will be allowed to continue.
>
> Regards
> Lee
> --
> Lee Evans
> http://www.leeevans.org
>
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Sigmund Vegheim
> Sent: 24 April 2002 12:37
> To: [EMAIL PROTECTED]
> Subject: Stateful inspection
>
>
> Hello everyone!
>
> Does anybody know if it's right that iptables doesn't close down
> established ssh connections through the firewall when you implement
> a rule to stop this ssh traffic, and restart iptables?
>
> Thanks in advance,
>
> ./Sigmund
>
>
>



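The behaviour discussed in this thread comes down to two facts: netfilter walks the rules in order and the first match wins, and the connection-tracking table survives a rule reload. The toy model below is an added example, not netfilter or iptables code and not written by anyone on this thread; it simulates an ordered rule list with a persistent tracking table (standing in for /proc/net/ip_conntrack) and shows the three cases a defender cares about: ESTABLISHED rule before the DROP rule (old ssh session keeps flowing), DROP rule placed before the ESTABLISHED rule (old session is cut at the next packet), and the ESTABLISHED rule kept first but the tracked entry purged (also cut). The `Firewall`, `Rule` and `Packet` names, the 5-tuple keying and the default-DROP policy are all assumptions of this model.

```python
"""Toy model of first-match rule evaluation with a connection-tracking table
that persists across rule reloads.  Constructed illustration only; it is not
netfilter code and ignores TCP state machines, timeouts and reply direction."""
from dataclasses import dataclass
from typing import List, Optional, Set, Tuple


@dataclass(frozen=True)
class Packet:
    proto: str
    src: str
    sport: int
    dst: str
    dport: int

    def key(self) -> Tuple:
        # 5-tuple used as the tracking-table key (simplified; real conntrack
        # also tracks the reply direction).
        return (self.proto, self.src, self.sport, self.dst, self.dport)


@dataclass
class Rule:
    target: str                    # "ACCEPT" or "DROP"
    proto: Optional[str] = None    # None matches any protocol
    dport: Optional[int] = None    # None matches any destination port
    state: Optional[str] = None    # "NEW", "ESTABLISHED" or None (any)


class Firewall:
    def __init__(self) -> None:
        self.rules: List[Rule] = []
        # Tracked flows.  Like /proc/net/ip_conntrack, this is NOT touched
        # when the rules are reloaded.
        self.conntrack: Set[Tuple] = set()

    def load_rules(self, rules: List[Rule]) -> None:
        # A script reload replaces the rule list and nothing else.
        self.rules = list(rules)

    def flush_conntrack(self, dport: Optional[int] = None) -> None:
        # Defender's remedy: purge tracked entries (all, or one dst port),
        # the way the conntrack(8) userspace tool's delete option would.
        if dport is None:
            self.conntrack.clear()
        else:
            self.conntrack = {k for k in self.conntrack if k[4] != dport}

    def state_of(self, pkt: Packet) -> str:
        return "ESTABLISHED" if pkt.key() in self.conntrack else "NEW"

    def filter(self, pkt: Packet) -> str:
        """Walk rules in order; the first matching rule decides.  Default
        policy is DROP.  Accepted packets enter the tracking table."""
        state = self.state_of(pkt)
        verdict = "DROP"
        for r in self.rules:
            if r.proto is not None and r.proto != pkt.proto:
                continue
            if r.dport is not None and r.dport != pkt.dport:
                continue
            if r.state is not None and r.state != state:
                continue
            verdict = r.target
            break
        if verdict == "ACCEPT":
            self.conntrack.add(pkt.key())
        return verdict


def scenario(drop_before_established: bool, flush: bool = False) -> Tuple[str, str]:
    """Open an ssh flow under a permissive ruleset, reload with a 'block ssh'
    rule, and return (verdict for the first packet, verdict for a later
    packet of the same flow)."""
    fw = Firewall()
    allow_established = Rule("ACCEPT", state="ESTABLISHED")
    allow_new_ssh = Rule("ACCEPT", proto="tcp", dport=22, state="NEW")
    fw.load_rules([allow_established, allow_new_ssh])

    # Constructed sample flow: client 10.0.0.5:40000 -> server 10.0.0.1:22
    ssh = Packet("tcp", "10.0.0.5", 40000, "10.0.0.1", 22)
    first = fw.filter(ssh)            # NEW -> ACCEPT, flow is now tracked

    drop_ssh = Rule("DROP", proto="tcp", dport=22)
    if drop_before_established:
        fw.load_rules([drop_ssh, allow_established])
    else:
        fw.load_rules([allow_established, drop_ssh])   # the thread's case
    if flush:
        fw.flush_conntrack(dport=22)

    later = fw.filter(ssh)            # same flow after the reload
    return first, later


if __name__ == "__main__":
    print("ESTABLISHED first, no flush:", scenario(False))
    print("DROP first:                 ", scenario(True))
    print("ESTABLISHED first + flush:  ", scenario(False, flush=True))
```

The first scenario reproduces what Lee and Filip describe: the reloaded ruleset never gets a chance to drop the old session because the ESTABLISHED rule matches it first and the tracking entry was never removed. The other two show the two ways to actually terminate it: put the port-specific DROP ahead of the generic ESTABLISHED accept, or purge the stale tracking entries after the reload.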