Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > de.comp.security.firewall > #198

[iptables] --ctstate NEW matched nicht in FORWARD-Chain

From Lars Uhlmann <usenet@lars-uhlmann.de>
Newsgroups de.comp.security.firewall
Subject [iptables] --ctstate NEW matched nicht in FORWARD-Chain
Date 2019-08-13 13:24 +0200
Organization private
Message-ID <pan.2019.08.13.11.24.31.696956@lars-uhlmann.de> (permalink)

Show all headers | View raw

(Vanilla Debian "buster")

+-[# iptables -vnL FORWARD]
| Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
|  pkts bytes target     prot opt in     out     source               destination         
|     0     0 ACCEPT     all  --  vlan4  inet0   0.0.0.0/0            0.0.0.0/0            ctstate NEW
|     0     0 ACCEPT     all  --  vlan4  inet1   0.0.0.0/0            0.0.0.0/0            ctstate NEW
| 1497K 4655M ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate ESTABLISHED
+-----

Warum matched hier "NEW" nicht? Die Interfaces passen, ich hab auch die
Notation "enp1s0.4" für das VLAN probiert. Irgendwie stehe ich auf dem
Schlauch.

Danke
Lars

Back to de.comp.security.firewall | Previous | NextNext in thread | Find similar

Thread

[iptables] --ctstate NEW matched nicht in FORWARD-Chain Lars Uhlmann <usenet@lars-uhlmann.de> - 2019-08-13 13:24 +0200
  Re: [iptables] --ctstate NEW matched nicht in FORWARD-Chain Lars Uhlmann <usenet@lars-uhlmann.de> - 2019-08-13 14:45 +0200

csiph-web