iptables: accepting SYN --> connection ESTABLISHED
Keith Mastin
kmastin-PzQIwG9Jn9VAFePFGvp55w at public.gmane.org
Thu Oct 9 09:48:39 UTC 2003
<quote who="William Park">
On Thu, Oct 09, 2003 at 01:53:02AM -0400, Robert Brockway wrote:
> On Wed, 8 Oct 2003, William Park wrote:
>
> > > I would avoid accepting an arbitrary packet with the TCP SYN bit set.
> >
> > Yes, I only do this for port 25. I first accept SYN packet, but drop
> > all subsequent packets. But, I also allow ESTABLISHED connections in
> > general. So, having accepted SYN packet, the SMTP connection is now
> > established. Hence, every mail comes through. :-(
>
> Hi William. You'd need to allow ACK through as well as SYN or the
> connection would never get to the established state (where the
> ESTABLISHED rule would take over).
Ack with the Syn flag set maybe? Prevents those sneaky probes...
--
Keith
--
The Toronto Linux Users Group. Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml
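
The rule interaction discussed in this thread, as an added example that is not part of the original messages: a toy Python model (not kernel code) of netfilter connection tracking with first-match rule evaluation, where a flow counts as ESTABLISHED once a reply packet has been seen. The rule orderings, the accept-all OUTPUT chain and the sample handshake are assumptions constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Pkt:
    direction: str    # "in" = client -> server, "out" = server -> client
    flags: frozenset  # TCP flags set on the segment

class Flow:
    """Toy conntrack entry: NEW until a reply is seen, then ESTABLISHED."""
    def __init__(self):
        self.confirmed = False  # the opening packet was accepted
        self.replied = False    # a packet in the reply direction was seen

    def state(self, pkt):
        if not self.confirmed:
            opening = pkt.direction == "in" and pkt.flags == {"SYN"}
            return "NEW" if opening else "INVALID"
        if pkt.direction == "out":
            self.replied = True
        return "ESTABLISHED" if self.replied else "NEW"

def is_syn(pkt, st):
    # What `--syn` matches: SYN set with ACK, RST and FIN clear.
    return "SYN" in pkt.flags and not pkt.flags & {"ACK", "RST", "FIN"}

ACCEPT_SYN = (is_syn, "ACCEPT")
ACCEPT_ESTABLISHED = (lambda pkt, st: st == "ESTABLISHED", "ACCEPT")
DROP_REST = (lambda pkt, st: True, "DROP")
ORDER_A = [ACCEPT_SYN, ACCEPT_ESTABLISHED, DROP_REST]  # ESTABLISHED before DROP
ORDER_B = [ACCEPT_SYN, DROP_REST, ACCEPT_ESTABLISHED]  # DROP before ESTABLISHED

# Constructed sample: handshake to port 25 plus one client data segment.
HANDSHAKE = [Pkt("in", frozenset({"SYN"})), Pkt("out", frozenset({"SYN", "ACK"})),
             Pkt("in", frozenset({"ACK"})), Pkt("in", frozenset({"PSH", "ACK"}))]

def run(input_rules, packets):
    """Return (flags, state, verdict) for each inbound packet; first match wins."""
    flow, results = Flow(), []
    for pkt in packets:
        st = flow.state(pkt)
        if pkt.direction == "out":  # assumption: OUTPUT chain accepts everything
            continue
        verdict = next(v for match, v in input_rules if match(pkt, st))
        if verdict == "ACCEPT":
            flow.confirmed = True
        results.append((sorted(pkt.flags), st, verdict))
    return results

if __name__ == "__main__":
    for name, rules in (("A", ORDER_A), ("B", ORDER_B)):
        print(name, run(rules, HANDSHAKE))
```

With ORDER_A every inbound packet after the SYN is accepted by the ESTABLISHED rule; with ORDER_B the same packets reach the DROP rule first. An inbound segment with both SYN and ACK set that opens no tracked flow is classified INVALID and dropped under either ordering.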