On Mon, 2005-02-28 at 21:51 -0500, Robert Spangler wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Thursday 24 February 2005 22:30, Ian P. Thomas wrote:
>
> > > >>-A RH-Firewall-1-INPUT -j LOG -d 192.168.0.5 --log-prefix "iptables: "
> > > >>-A RH-Firewall-1-INPUT -j DROP
> > > >>COMMIT
> >
> > The packets are dropped because they have a destination IP of
> > 192.168.0.5 and are not being seen as being associated with an
> > ESTABLISHED connection. If your outbound services, POP and web
> > browsing, are operating in a sufficient manner, then I wouldn't worry
> > about the dropped packets.
>
> The packets are not being dropped because they have a destination address of
> 192.168.0.5. They are only being logged by the second to last rule. The
> last rule is dropping everything that reaches it. Doesn't matter what IP
> address it has or port it is going to.

I didn't say that the packets were being dropped because they had a
destination address of '192.168.0.5'. You quoted what I wrote, but your
comment didn't reflect what I wrote, which is quite odd. At any rate,
the following web site will tell you all you didn't want to know about
connection tracking.

http://kalamazoolinux.org/presentations/20010417/conntrack.html

Ian
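
The rule-ordering behaviour discussed in this thread, as an added example that is not part of the original messages: a small Python walk-through of how a chain ending in the quoted LOG and DROP rules treats packets. The ESTABLISHED,RELATED accept rule, the sample packets and the simplified log line format are assumptions constructed for illustration; the full ruleset is not shown in the thread.

```python
import shlex

# Constructed ruleset. The last two rules are the ones quoted in the thread;
# the first (state match) rule is an ASSUMPTION standing in for the part of
# the ruleset that the thread does not show.
RULES = '''
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -j LOG -d 192.168.0.5 --log-prefix "iptables: "
-A RH-Firewall-1-INPUT -j DROP
'''

def parse_rule(line):
    """Parse the small subset of iptables-save syntax used above.
    Every option here takes exactly one argument, so tokens pair up."""
    tokens = shlex.split(line)
    opts = dict(zip(tokens[::2], tokens[1::2]))
    return {
        "target": opts["-j"],
        "dst": opts.get("-d"),
        "states": set(opts["--state"].split(",")) if "--state" in opts else None,
        "prefix": opts.get("--log-prefix", ""),
    }

def matches(rule, pkt):
    """A rule with no -d / --state condition matches every packet."""
    if rule["dst"] is not None and pkt["dst"] != rule["dst"]:
        return False
    if rule["states"] is not None and pkt["state"] not in rule["states"]:
        return False
    return True

def traverse(rules, pkt):
    """Return (verdict, log_lines) for one packet.
    LOG is non-terminating: it records the packet and traversal continues.
    ACCEPT and DROP are terminating: the first match decides the verdict."""
    logged = []
    for rule in rules:
        if not matches(rule, pkt):
            continue
        if rule["target"] == "LOG":
            # Simplified log line; real kernel log entries carry more fields.
            logged.append(f'{rule["prefix"]}DST={pkt["dst"]}')
            continue
        return rule["target"], logged
    return "RETURN", logged  # fell off the end of a user-defined chain

CHAIN = [parse_rule(line) for line in RULES.strip().splitlines()]

if __name__ == "__main__":
    for pkt in ({"dst": "192.168.0.5", "state": "NEW"},
                {"dst": "192.168.0.255", "state": "NEW"},
                {"dst": "192.168.0.5", "state": "ESTABLISHED"}):
        print(pkt, "->", traverse(CHAIN, pkt))
```
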