Mailinglist Archive: opensuse-security (511 mails)
| < Previous | Next > |
UDP and "-m state --state xxx"? (Re: [suse-security] Looking for a secure time service)
- From: "Ralph Seichter" <r.seichter@xxxxxxxxxxx>
- Date: Wed, 29 Aug 2001 10:00:45 +0200
- Message-id: <OF63D0323C.04E7DECA-ONC1256AB7.002BF1E8@xxxxxxxxxxx>
Andreas Baetz wrote:
> iptables -t filter -A INPUT -i <your interface>
> -m state -p udp [...] --state ESTABLISHED
There, you got me confused. I'm a freshman in the firewall arena, and
although I can understand that "-m state --state xxx" makes sense with TCP
(which opens and closes _directed_ connections actively), I don't know if
and how this makes sense with UDP. If I'm not mistaken, UDP is undirected
and has no notion of "NEW" or "ESTABLISHED", or has it?
Mit freundlichen GrĂ¼ssen / Regards
Dipl. Inform. Ralph Seichter
ISC Informatik Service & Consulting GmbH
Tel +49 2241 867-0 mailto:r.seichter@xxxxxxxxxxx
Fax +49 2241 867-222 http://www.isc-inf.com/
> iptables -t filter -A INPUT -i <your interface>
> -m state -p udp [...] --state ESTABLISHED
There, you got me confused. I'm a freshman in the firewall arena, and
although I can understand that "-m state --state xxx" makes sense with TCP
(which opens and closes _directed_ connections actively), I don't know if
and how this makes sense with UDP. If I'm not mistaken, UDP is undirected
and has no notion of "NEW" or "ESTABLISHED", or has it?
Mit freundlichen GrĂ¼ssen / Regards
Dipl. Inform. Ralph Seichter
ISC Informatik Service & Consulting GmbH
Tel +49 2241 867-0 mailto:r.seichter@xxxxxxxxxxx
Fax +49 2241 867-222 http://www.isc-inf.com/
| < Previous | Next > |