From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <mrkooll@tdr.pibhe.com>
Date: Mon, 1 Dec 2003 13:33:23 +0200
From: Maxim Tyurin <mrkooll@tdr.pibhe.com>
To: community@altlinux.ru
Subject: Re: [Comm] Re: Linux Gate
Message-ID: <20031201113323.GE7889@mrkooll.tdr.pibhe.com>
Mail-Followup-To: community@altlinux.ru
References: <20031126125615.GB25325@localhost.localdomain>
	<3FC4C09B.7000903@ricom.ru>
	<20031127030251.GF30675@localhost.localdomain>
	<1695420140.20031127103015@gnk.krasnoyarsk.ru>
	<20031127040452.GA1581@localhost.localdomain>
	<20031127080709.GH10424@osdn.org.ua>
	<20031130143237.GA21694@mrkooll.tdr.pibhe.com>
	<20031130214656.GA10194@localhost.localdomain>
	<20031201092438.11ba7ab8.gosha@zkb.ru>
	<20031201094348.GA9621@localhost.localdomain>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="N1GIdlSm9i+YlY4t"
Content-Disposition: inline
In-Reply-To: <20031201094348.GA9621@localhost.localdomain>
User-Agent: Mutt/1.4.1i
Keywords: 534748031
X-PGP-KeyID: 4A101D3B
X-Request-PGP: x-hkp://wwwkeys.nl.pgp.net
X-BeenThere: community@altlinux.ru
X-Mailman-Version: 2.1.3
Precedence: list
Reply-To: community@altlinux.ru
List-Id: <community.altlinux.ru>
List-Unsubscribe: <listinfo/community>,
	<mailto:community-request@altlinux.ru?subject=unsubscribe>
List-Archive: </pipermail/community>
List-Post: <mailto:community@altlinux.ru>
List-Help: <mailto:community-request@altlinux.ru?subject=help>
List-Subscribe: <listinfo/community>,
	<mailto:community-request@altlinux.ru?subject=subscribe>
X-List-Received-Date: Mon, 01 Dec 2003 11:33:29 -0000
Archived-At: <http://lore.altlinux.org/community/20031201113323.GE7889@mrkooll.tdr.pibhe.com/>
List-Archive: <http://lore.altlinux.org/community/>
List-Post: <mailto:mandrake-russian@linuxteam.iplabs.ru>


--N1GIdlSm9i+YlY4t
Content-Type: text/plain; charset=koi8-r
Content-Disposition: inline
Content-Transfer-Encoding: 8bit

On Mon, Dec 01, 2003 at 12:43:48PM +0300, Denis Smirnov wrote:
> On Mon, Dec 01, 2003 at 09:24:38AM +0500, Gosha wrote:
> 
>  > >  > Точно так? Чем NEW не угодил?
>  > >  > может по 2-м правилам это расписать?
>  > >  > -A INPUT -p TCP ! --syn -m state --state NEW -j DROP
>  > >  > -A INPUT -p TCP -m state --state INVALID -j DROP
>  > > Если я правильно понимаю, то первое правило вообще не может сработать,
>  > Срабатывает и еще как! Вот примерчик из лога:
>  > $ sudo cat /var/log/iptables | grep syn
>  > Dec  1 04:20:11 bgate kernel: New not syn:IN=eth2 OUT=eth1
>  > SRC=61.129.81.6 DST=217.19.114.35 LEN=40 TOS=0x00 PREC=0x20 TTL=107
>  > ID=50915 PROTO=TCP SPT=2258 DPT=34083 WINDOW=0 RES=0x00 ACK RST URGP=0
> 
> А оно не идентично INVALID?

Нет. 
Есть NEW, ESPABLISHED, RELATED и INVALID
-- 

With Best Regards, Maxim Tyurin
JID:	MrKooll@jabber.pibhe.com
			
--N1GIdlSm9i+YlY4t
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQE/yycD9GgyV0oQHTsRAgx8AKCpUhslP4vB9lt8J/iBAFr9Ml8FXgCdHlve
igN8m0TuMR5Na1idZNI1kps=
=acdM
-----END PGP SIGNATURE-----

--N1GIdlSm9i+YlY4t--