* Zachary Uram: > iptables -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT You should restrict RELATED to ICMP. For TCP and UDP, RELATED can open up your internal network to the outside world (depending on what firewall helpers you have loaded).