Re: default firewall/IDS that comes with DEBIAN
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Jarek Buczyński wrote:
> Hello
>
Hi,
> What is difference between
>
> -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
>
> and
>
> -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
>
Quotes from the iptables tutorial :
"The conntrack match is an extended version of the state match"
You can use more specific options with the conntrack match.
Both rules do the same thing.
- --
Franck Joncourt
http://www.debian.org
http://smhteam.info/wiki/
GPG server : pgpkeys.mit.edu
Fingerprint : C10E D1D0 EF70 0A2A CACF 9A3C C490 534E 75C0 89FE
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFFy3BKxJBTTnXAif4RAtcrAJ4kvPTZRh449UGsZMRGifahKwesWQCgyUo3
cLJgl9mPYHZcTcuW9pO2PnU=
=TUD2
-----END PGP SIGNATURE-----
___________________________________________________________
The all-new Yahoo! Mail goes wherever you go - free your email address from your Internet provider. http://uk.docs.yahoo.com/nowyoucan.html
Reply to: