
Re: iptables problem



Thanks for the reply,
 but I still can't understand the difference.
 
 First I made
 
1    ACCEPT     all  --  anywhere        anywhere    state RELATED,ESTABLISHED
2    ACCEPT     tcp  --  anywhere        anywhere    state NEW tcp dpt:ssh
 Here I can ssh the host.

 Then I removed the second rule, to be
 
1    ACCEPT     all  --  anywhere        anywhere    state RELATED,ESTABLISHED

Here I could not ssh this host.


I can't understand the logic. Can you explain to me why in the first state
 I can't ssh and in the second I can't?

 
 
"Gaddis, Jeremy L." <jeremy linuxwiz net> wrote: On 1/18/07, tamer amr  wrote:
> Hi, I have a strange problem:
>  why can any host ssh me in the first list but can't in the second list?
>
>  Please, I want to understand this case.

Seeing as how the only difference between the two is a single rule, I
would hope it's obvious where you should be looking.

>  2    ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ssh

In the first list, you're explicitly allowing "NEW" connection to the
"ssh" port in.  In the second list, you're simply allowing traffic for
any already "ESTABLISHED" connections.

Please tell me this makes sense to you.

-- 
Jeremy L. Gaddis, MCP, GCWN
http://www.linuxwiz.net/
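
Added example, not part of the original thread: a small Python model of how the two rule lists treat the first packets of one inbound SSH connection. It assumes that a packet matching no listed rule is dropped (the thread does not show the chain policy or any later rules), it simplifies conntrack so that a flow counts as ESTABLISHED once its first packet has been accepted, and all names and addresses are constructed.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    target: str
    proto: str                    # "all" or "tcp"
    states: frozenset             # conntrack states this rule matches
    dport: Optional[int] = None   # None = any destination port

# The two rules from the listing in the thread.
RULE_EST = Rule("ACCEPT", "all", frozenset({"RELATED", "ESTABLISHED"}))
RULE_SSH = Rule("ACCEPT", "tcp", frozenset({"NEW"}), dport=22)

class Conntrack:
    """Simplified tracker: a flow is NEW until one of its packets is accepted
    (after that the host answers, so later packets are ESTABLISHED)."""
    def __init__(self):
        self.flows = set()
    def state(self, flow):
        return "ESTABLISHED" if flow in self.flows else "NEW"
    def confirm(self, flow):
        self.flows.add(flow)

def filter_input(rules, ct, flow, proto, dport, default="DROP"):
    """First matching rule wins. `default` is an assumption (see lead-in).
    Returns (verdict, conntrack state the rules saw)."""
    state = ct.state(flow)
    for r in rules:
        if r.proto not in ("all", proto) or state not in r.states:
            continue
        if r.dport is not None and r.dport != dport:
            continue
        if r.target == "ACCEPT":
            ct.confirm(flow)
        return r.target, state
    return default, state

def ssh_attempt(rules, packets=3):
    """Feed the first inbound packets of one SSH connection through `rules`."""
    ct = Conntrack()
    flow = ("198.51.100.7", 40000, "192.0.2.10", 22)  # constructed addresses
    return [filter_input(rules, ct, flow, "tcp", 22) for _ in range(packets)]

if __name__ == "__main__":
    print("both rules:  ", ssh_attempt([RULE_EST, RULE_SSH]))
    print("rule 1 only: ", ssh_attempt([RULE_EST]))
```

With only rule 1, every packet of the attempt is still in state NEW (these are the client's retransmitted SYNs), so rule 1 never gets a chance to match.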
