Samba help
Alexander Dalloz
alexander.dalloz at uni-bielefeld.de
Sat Jan 10 01:04:44 UTC 2004
Am Fr, den 09.01.2004 schrieb Rick Stevens um 03:16:
[ snip - longer list of iptables rules]
> Those first 6 rules could be rewritten as two:
> -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport
> 137:139 -j ACCEPT
> -A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport
> 137:139 -j ACCEPT
Just for the archives: though it is seen so often - just google for
iptables scripts and you will find it - to use rules for protocol type
UDP with -m state makes no sense. UDP is, in opposition to TCP, a
stateless protocoll and this way does not know anything about NEW or
ESTABLISHED or what else.
> Saves space and typing. ;-)
> ----------------------------------------------------------------------
> - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com -
> - VitalStream, Inc. http://www.vitalstream.com -
Alexander
--
Alexander Dalloz | Enger, Germany
PGP key valid: made 13.07.1999
PGP fingerprint: 2307 88FD 2D41 038E 7416 14CD E197 6E88 ED69 5653
More information about the fedora-list
mailing list