On Wed, 26 Apr 2000, Ivan J. Varzinczak wrote:
> Hello, everybody!
>
> I'm translating a set of firewall rules from a BSD-Unix that
> uses ipfw to ipchains in linux 2.2.14.
> I have a rule that states the following:
>
> /sbin/ipfw add 1051 pass tcp from any to any established
>
> and I don't know how to translate this to ipchains, because of the
> option "established".
> May anyone give me any suggestions, please?
>
> Thanks in advance!

I think BSD-Unix uses a state firewall. On linux 2.3.99, netfilter knows how to take actions based on the state of a packet (NEW, ESTABLISHED, RELATED, INVALID). An example is given in its howto on http://netfilter.kernelnotes.org. I suggest you read it, and if you like it, try it, but remember, it only works on a development kernel.
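An added example, not part of the original thread and not code from ipfw or netfilter: ipfw(8) documents `established` as matching TCP packets that have the RST or ACK bit set, while the netfilter states named in the reply come from tracking connections. The toy tracker below is a simplified model (assumptions: a flow starts only on a bare SYN, RELATED is omitted, addresses and ports are constructed) that runs both checks over the same packets so a rule writer can see where they disagree.

```python
# Added example: simplified model, not ipfw or netfilter source code.
FIN, SYN, RST, ACK = 0x01, 0x02, 0x04, 0x10

def ipfw_established(flags):
    """ipfw 'established': TCP segment with the RST or ACK bit set."""
    return bool(flags & (RST | ACK))

class Tracker:
    """Toy connection tracker (assumption: flows start only on a bare SYN)."""
    def __init__(self):
        self.flows = {}  # canonical endpoint pair -> (originator, replied)

    def classify(self, src, sport, dst, dport, flags):
        a, b = (src, sport), (dst, dport)
        key = (a, b) if a <= b else (b, a)
        flow = self.flows.get(key)
        if flow is None:
            if flags & SYN and not flags & (ACK | RST | FIN):
                self.flows[key] = (a, False)
                return "NEW"
            return "INVALID"  # no handshake was seen for this pair
        orig, replied = flow
        if a != orig and not replied:
            replied = True  # first packet in the reply direction
            self.flows[key] = (orig, True)
        if flags & RST:
            del self.flows[key]  # a reset tears the flow down
        return "ESTABLISHED" if replied else "NEW"

# Constructed sample traffic (documentation address ranges).
C, S = "192.0.2.10", "198.51.100.5"
PACKETS = [
    ("client SYN", C, 40000, S, 80, SYN),
    ("server SYN+ACK", S, 80, C, 40000, SYN | ACK),
    ("client ACK", C, 40000, S, 80, ACK),
    ("stray ACK, no handshake", C, 40001, S, 80, ACK),
]

def compare(packets):
    t = Tracker()
    return [(name, ipfw_established(f), t.classify(s, sp, d, dp, f))
            for name, s, sp, d, dp, f in packets]

if __name__ == "__main__":
    for row in compare(PACKETS):
        print("%-26s flag-match=%-5s state=%s" % row)
```

The last row is the one to check when translating: a flag-only match accepts it, while a state-based ESTABLISHED rule does not.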

