I know this doesn't really solve your problem, but I'd like to say that you should probably just drop the whole INVALID filter. I believe that the attacks that this ...
- 07-03-2013 #11
The question is "why are these packets being marked as invalid?", but a better question is, "do I really need this filter in the first place?". For an effort/reward ratio I would say get rid of it.
- 07-05-2013 #12
Quick look at your rules shows me that you have one hell of a mess for rules. All your ESTABLISHED,RELATED rules will never match because you do not have any NEW rules adding information to the db that iptables looks at for the established connections. You should take another look at your rules and figure out what you really need and trash the rest. You might also think about limiting the packets that get logged and how often. Not sure why you are doing what you are, but what are you looking to do with this firewall? Are you just reading something online and then adding them to your rules?
Here is a document you should read: IPTABLES TUTORIAL
The adventure of a life time.
Linux User #296285