Hello all
can someone explain me what is the difference in iptables states new/established ?
and what the iptables -m state mean?
thanks !!!
iptables
-
joebeasley3rd
- Posts: 4
- Joined: 2014/01/10 20:17:50
Re: iptables
Found answer here.
-m state. Match state.
NEW
NEW refers to incoming packets that are the first packet for an incoming connection that was not initiated by the host system. An example is the SYN packet in a TCP connection. However the packet may as well not be a SYN packet, and still be considered NEW.
ESTABLISHED
An ESTABLISHED connection is a connection the firewall knows about and it's tracking. The ESTABLISHED state has seen traffic in both directions and will then continuously match those packets. The only requirement to get into an ESTABLISHED state is that one host sends a packet, and that it later on gets a reply from the other host. ICMP reply messages can also be considered as ESTABLISHED, if we created a packet that in turn generated the reply ICMP message.
-m state. Match state.
NEW
NEW refers to incoming packets that are the first packet for an incoming connection that was not initiated by the host system. An example is the SYN packet in a TCP connection. However the packet may as well not be a SYN packet, and still be considered NEW.
ESTABLISHED
An ESTABLISHED connection is a connection the firewall knows about and it's tracking. The ESTABLISHED state has seen traffic in both directions and will then continuously match those packets. The only requirement to get into an ESTABLISHED state is that one host sends a packet, and that it later on gets a reply from the other host. ICMP reply messages can also be considered as ESTABLISHED, if we created a packet that in turn generated the reply ICMP message.