Re: iptables and apt-get

To: debian-security@lists.debian.org
Subject: Re: iptables and apt-get
From: Jeff <jcoppock1@attbi.com>
Date: Tue, 11 Mar 2003 07:20:26 -0800
Message-id: <[🔎] 20030311152025.GA26104@jc.oftheinter.net>
Mail-followup-to: debian-security@lists.debian.org
In-reply-to: <[🔎] 011c01c2e7dd$423c6c40$650a10ac@EVESHAM>
References: <[🔎] 001601c2e767$8f1040d0$650a10ac@EVESHAM> <[🔎] 20030311135929.789d01de.vdongen@hetisw.nl> <[🔎] 011c01c2e7dd$423c6c40$650a10ac@EVESHAM>

Ian Goodall, 2003-Mar-11 14:48 -0000:
> All is fine now. Adding the line:
> 
> iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
> 
> fixes the problem. Does anyone know what this line does? I found this using
> an online script generator at http://www.iptables.1go.dk/index1.php.

Iptables is a stateful firewall, so it maintains tables of all the
sessions/connections made through it.  The line above says that the
firewall will allow traffic through the INPUT chain (or ruleset) that
is already ESTABLISHED in the "state" table, or is RELATED to any
sessions/connections already in the "state" table.

jc

-- 
Jeff Coppock		Systems Engineer
Diggin' Debian		Admin and User

Reply to:

References:
- iptables and apt-get
  - From: "Ian Goodall" <ijg@iangoodall.co.uk>
- Re: iptables and apt-get
  - From: I.R.van Dongen <vdongen@hetisw.nl>
- Re: iptables and apt-get
  - From: "Ian Goodall" <ijg@iangoodall.co.uk>

Prev by Date: AW: Peace is not off topic
Next by Date: Re: OT: Consensus
Previous by thread: Re: iptables and apt-get
Next by thread: Re: iptables and apt-get
Index(es):
- Date
- Thread