[lug] the world's easiest iptables firewall

Jeffrey Siegal jbs at quiotix.com
Mon Dec 13 11:35:23 MST 2004

Kevin Fenzi wrote:
> Optionally, you can add in between these 2 rules: 
> iptables -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT

I prefer to use "-m state --state NEW" or --syn for that.  Other packets 
should be allowed only for existing connections.
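
An audit check for the point made in this reply, added here as an example and not part of the original post: it reads `iptables -S` output and lists ACCEPT rules on a TCP destination port that are not limited to connection-opening packets. The function names and the sample ruleset are constructed for illustration; note that `iptables -S` prints `--syn` in its expanded form, `--tcp-flags FIN,SYN,RST,ACK SYN`.

```shell
#!/bin/sh
# Added example (not from the original post).
# Usage on a live host (as root):  iptables -S | unqualified_tcp_accepts

# Reads `iptables -S` output on stdin and prints every rule that ACCEPTs a
# TCP destination port without restricting the match to new connections
# (state NEW, conntrack ctstate NEW, or --syn).
# Limitation: negated matches such as "! --state NEW" are not recognised.
unqualified_tcp_accepts() {
    grep -E -- '-p tcp .*--dports? ' |
    grep -E -- '-j ACCEPT( |$)' |
    grep -Ev -- '--(ct)?state [A-Z,]*NEW|--tcp-flags FIN,SYN,RST,ACK SYN( |$)' || true
}

# Constructed sample ruleset in `iptables -S` format.
sample_rules() {
    cat <<'EOF'
-P INPUT DROP
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 --tcp-flags FIN,SYN,RST,ACK SYN -j ACCEPT
EOF
}

# Only the port 22 rule is reported: it accepts any TCP packet to that port,
# not just packets that open a connection.
sample_rules | unqualified_tcp_accepts
```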
