---------------- Date: 10/21/2010 7:45 AM From: Wade Preston Shearer <[email protected]>
Wade Preston Shearer wrote:
> On 21 Oct 2010, at 6:35, Stuart Jansen wrote:
>> As long as you're already using one stateful rule, might as well make
>> the others stateful too. In other words replace:
>> -A INPUT -p tcp -m tcp --dport X -j ACCEPT
>> with
>> -A INPUT -p tcp -m state --state NEW -m tcp --dport X -j ACCEPT
>>
>> Here's what I would do based on your current rules:
>>
>> -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
>> -A INPUT -p tcp -m state --state -m tcp --dport 25 -j ACCEPT
>> -A INPUT -p tcp -m state --state -m tcp --dport 80 -j ACCEPT
> I dropped it in and tried to restart iptables but received an error:
>
> Applying iptables firewall rules: iptables-restore v1.3.5: Bad state `-m'
> Error occurred at line: 9

That would be because it should read "-m state --state NEW". The state is
missing.

Kenneth
