Re: iptables and INVALID packet filtering.
To: debian-firewall@lists.debian.org
Cc: "debian-firewall@lists.debian.org" <debian-firewall@lists.debian.org>
Subject: Re: iptables and INVALID packet filtering.
From: Daniel Curtis <sidetripping@gmail.com>
Date: Fri, 5 Apr 2013 21:22:43 +0200
Message-id: <CAASvXNuLEnTrt+38AfCMq+9H-rqL-tfvd760jUOXTXAWZKc9DQ@mail.gmail.com>
In-reply-to: <7B0F313E-DD4F-4466-B6CD-C0F4E2D976D6@AandRSecurity.com>
References: <CAASvXNseOJy8__QFKFir=nUmCGZDR47vFFYkeToCO3=PYp7sCw@mail.gmail.com> <515E059E.4080508@plouf.fr.eu.org> <B57F1D41-A448-439A-A912-EF921511C1CD@AandRSecurity.com> <CAASvXNtqJbKpPXXwLtr-680exHBx7EyDreWBovHdEMFAFnWdGw@mail.gmail.com> <82506A86-4FCA-4F5A-A37A-7C89EEC4F050@AandRSecurity.com> <CAASvXNsm_+mRaO2uoWsR0iwH4_2gSSLHZ14HRb_wy4uLhRDQ3Q@mail.gmail.com> <7B0F313E-DD4F-4466-B6CD-C0F4E2D976D6@AandRSecurity.com>

Hi

So, is it better to use the state module instead of conntrack when it comes to filtering INVALID packets, or does it not matter which module is in use? What is your opinion on this?

I'm wondering why there are so many entries about INVALID packets in the log files. Frankly, after, let's say, 6-7 hours of computer use, there are about 40-50 logged events. Maybe more. I don't know if something is wrong.

I know that in e.g. iptables v1.4.16.3 the state module is obsolete. But this is just an example:

$ ... INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
WARNING: The state match is obsolete. Use conntrack instead.

This module was available in iptables v1.4.13. Of course, if I remember correctly.

Best regards Matthew.
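
One way to see what the logged INVALID packets actually are, as an added example that is not part of the original message: it tallies log entries by protocol, TCP flags and source address. The `INVALID: ` log prefix and the sample lines are constructed assumptions; the field layout is that of the iptables LOG target.

```python
import re
from collections import Counter

# Constructed sample in the kernel LOG-target layout. The "INVALID: " prefix is
# an assumed --log-prefix; addresses come from documentation ranges.
SAMPLE_LOG = """\
Apr  5 14:02:11 host kernel: INVALID: IN=eth0 OUT= SRC=203.0.113.10 DST=192.0.2.5 LEN=40 TOS=0x00 PREC=0x00 TTL=54 ID=0 DF PROTO=TCP SPT=443 DPT=51234 WINDOW=0 RES=0x00 RST URGP=0
Apr  5 14:09:40 host kernel: INVALID: IN=eth0 OUT= SRC=203.0.113.10 DST=192.0.2.5 LEN=52 TOS=0x00 PREC=0x00 TTL=54 ID=4711 DF PROTO=TCP SPT=443 DPT=51240 WINDOW=120 RES=0x00 ACK FIN URGP=0
Apr  5 15:30:02 host kernel: INVALID: IN=eth0 OUT= SRC=198.51.100.7 DST=192.0.2.5 LEN=40 TOS=0x00 PREC=0x00 TTL=49 ID=0 DF PROTO=TCP SPT=80 DPT=40112 WINDOW=0 RES=0x00 RST URGP=0
Apr  5 15:31:17 host kernel: DROP: IN=eth0 OUT= SRC=198.51.100.9 DST=192.0.2.5 LEN=78 TOS=0x00 PREC=0x00 TTL=50 ID=9 PROTO=UDP SPT=137 DPT=137 LEN=58
Apr  5 16:45:55 host kernel: INVALID: IN=eth0 OUT= SRC=198.51.100.7 DST=192.0.2.5 LEN=68 TOS=0x00 PREC=0x00 TTL=49 ID=77 PROTO=ICMP TYPE=3 CODE=3 [SRC=192.0.2.5 DST=198.51.100.7 LEN=40 TOS=0x00 PREC=0x00 TTL=63 ID=5 PROTO=UDP SPT=40000 DPT=53 LEN=20 ]
"""

FIELD = re.compile(r"\b([A-Z]+)=(\S*)")
FLAGS = ("CWR", "ECE", "URG", "ACK", "PSH", "RST", "SYN", "FIN")


def parse_line(line, prefix="INVALID: "):
    """Parse one LOG line; return None when the prefix is not present."""
    _, found, rest = line.partition(prefix)
    if not found:
        return None
    fields = {}
    for key, value in FIELD.findall(rest):
        fields.setdefault(key, value)  # outer header wins over a quoted inner one
    proto = fields.get("PROTO", "?")
    tokens = rest.split()
    # Flag words are only meaningful on the outer header of a TCP packet.
    flags = ",".join(f for f in FLAGS if f in tokens) if proto == "TCP" else "-"
    return {"src": fields.get("SRC", "?"), "proto": proto, "flags": flags or "-"}


def summarize(text, prefix="INVALID: "):
    """Count logged packets by (protocol, TCP flags) and by source address."""
    by_kind, by_src = Counter(), Counter()
    for line in text.splitlines():
        pkt = parse_line(line, prefix)
        if pkt is None:
            continue  # entry logged by some other rule
        by_kind[(pkt["proto"], pkt["flags"])] += 1
        by_src[pkt["src"]] += 1
    return by_kind, by_src


if __name__ == "__main__":
    kinds, sources = summarize(SAMPLE_LOG)
    for (proto, flags), n in kinds.most_common():
        print(f"{n:3d}  {proto:<5} {flags}")
```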