[ale] iptables issue
Jim Popovitch
jimpop at yahoo.com
Mon Jul 17 16:23:33 EDT 2006
Jason Lunz wrote:
> it's an indication there may be some confusion.
Got that right! ;-)
Just to avoid some further confusion on my part, are these valid
or not, and what can I add that will stop the block on the occasional
outbound FIN:
iptables -A INPUT -p tcp -d WW.XX.YY.ZZ --dport http
-m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p tcp -s WW.XX.YY.ZZ --sport http
-m state --state RELATED,ESTABLISHED -j ACCEPT
Thanks, seriously. I'm learning something new here today.
-Jim P.
More information about the Ale
mailing list