iptables firewall

Discussion in 'Server Operation' started by qqqBoss, Aug 26, 2010.

  1. qqqBoss

    qqqBoss New Member

    Hello. Can someone explain what these lines means on iptables?
    $IPTABLES -A INPUT -p udp -j DROP
    $IPTABLES -A INPUT -p tcp --syn -j DROP
  2. qqqBoss

    qqqBoss New Member

    nobody knows?
  3. qqqBoss

    qqqBoss New Member

  4. qqqBoss

    qqqBoss New Member

  5. matty

    matty Member

    Going from memory:

    All the lines are to do with INPUT. That is, packets arriving at the interface from elsewhere on connected networks.

    The first line accepts packets for connections that are already in progress that would normally receive return data. Things like ssh, ftp, irc, web browsing, whatever. This goes hand in hand with the earlier rules allowing packets from localhost and whatever is in the whitelist, which is where the connections will have been established from.

    The second drops all UDP packets.

    The last drops SYN packets. http://en.wikipedia.org/wiki/SYN_flood

Share This Page