Re: iptables question

On Mon, 2004-07-26 at 22:06, Thomas Sapp wrote:
> On Mon, 2004-07-26 at 18:56, jludwig wrote:
snip
> > > Tom Sapp
> > > http://www.sappsworld.com
> > Try
> > iptables -t filter -R RH-Firewall-1-INPUT 9 -p tcp -s 204.99.118.0/24 -j ACCEPT
> > 
> > The rule is there but does nothing without a jump to filter (-j DROP,
> > ACCEPT, REJECT, etc)
> > -- 
> > jludwig <wralphie@xxxxxxxxxxx>
> cool, thanks.  That added the accept but what about the state NEW tcp
> dpt:ftp?  It still tells me that --state is invalid and that is the only
> option I see to add that info.  Sorry for the stupid questions. :-)
> -- 
> Thanks,
> Tom Sapp
> http://www.sappsworld.co

The -m says insert module state S.A.

 iptables -t filter -R RH-Firewall-1-INPUT 9 -p tcp -s 192.168.14.12/32 -m state --state NEW -j DROP


$IPTABLES -A FORWARD -s 192.168.12.12/32 -d 0/0 --match state --state NEW -j LOG $LLN --log-prefix "jMOD "

NEW or !NEW (not NEW)
ESTABLISHED or !ESTABLISHED
RELATED or !RELATED
or even !192.168.12.12/32
-- 
jludwig <wralphie@xxxxxxxxxxx>
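
The "--state is invalid" error discussed in this thread comes from using a match option before the match that provides it has been loaded. The script below is an added example, not part of the original messages: an offline check of rule arguments that never calls iptables. The function name check_rule, its small option table and the use of port 21 for "dpt:ftp" are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the thread: offline lint for iptables rule arguments.
# It only inspects the words of the command and never calls iptables.
# Assumption: a constructed, non-exhaustive table covering --state and
# --dport/--sport, the options discussed in this thread.

# check_rule ARGS... : print one line per option that appears before the match
# providing it has been loaded; return 1 if any were found, else 0.
check_rule() {
    cr_loaded=" "      # matches loaded so far, space-delimited
    cr_status=0
    while [ $# -gt 0 ]; do
        case "$1" in
            -m|--match|-p|--protocol)
                # -m NAME loads a match explicitly; -p tcp/udp loads the
                # protocol match implicitly. Record the name and skip it.
                if [ $# -ge 2 ]; then
                    cr_loaded="$cr_loaded$2 "
                    shift
                fi
                ;;
            --state)
                case "$cr_loaded" in
                    *" state "*) ;;
                    *) echo "--state: add '-m state' before it"; cr_status=1 ;;
                esac
                ;;
            --dport|--sport)
                case "$cr_loaded" in
                    *" tcp "*|*" udp "*) ;;
                    *) echo "$1: add '-p tcp' or '-p udp' before it"; cr_status=1 ;;
                esac
                ;;
        esac
        shift
    done
    return "$cr_status"
}

# Constructed rules built from the thread's chain, rule number and source net.
# Port 21 stands in for "dpt:ftp" (assumption).
BAD='-t filter -R RH-Firewall-1-INPUT 9 -p tcp -s 204.99.118.0/24 --state NEW --dport 21 -j ACCEPT'
GOOD='-t filter -R RH-Firewall-1-INPUT 9 -p tcp -s 204.99.118.0/24 -m state --state NEW --dport 21 -j ACCEPT'

# Unquoted on purpose so each rule splits into words.
check_rule $BAD  || echo "BAD rule rejected"
check_rule $GOOD && echo "GOOD rule passes"
```

Order matters in the check because iptables reads its arguments left to right, so `-m state` has to come before `--state`, and `-p tcp` before `--dport`.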


