On Fri, 2004-11-05 at 17:13, George Georgalis wrote: > On Fri, Nov 05, 2004 at 03:04:34PM +0000, Baruch Even wrote: > > >ESTABLISHED,RELATED > >NEW > >INVALID > >pick two to cover the spectrum of attacks. > > Why not all three in this order... > > INVALID -j REJECT > ESTABLISHED,RELATED -j ACCEPT > NEW -j ACCEPT (if allowed)
If you checked INVALID and ESTABLISHED, the rest has to be NEW. You can check it if you want for completeness, you can avoid checking it to save a few bits compared. Baruch -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
