Other Iptables questions

blind0ne

blind0ne

is it possible to use iptables on freebsd?

Could someone explain me this 2 options in advance, please

-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT -A INPUT -m conntrack --ctstate INVALID -j DROP
 
blind0ne said:
is it possible to use iptables on freebsd?
Click to expand...
No.

blind0ne said:
Could someone explain me this 2 options in advance, please
Click to expand...
They cause those rules to be statefull.

www.geeksforgeeks.org

Stateless vs Stateful Packet Filtering Firewalls - GeeksforGeeks

A Computer Science portal for geeks. It contains well written, well thought and well explained computer science and programming articles, quizzes and practice/competitive programming/company interview Questions.
www.geeksforgeeks.org www.geeksforgeeks.org
 
blind0ne said:
is it possible to use iptables on freebsd?
Click to expand...
No. But why would you want this?
In my opinion, PF is better, fast and more intuitive.

Iptables has some problems. On GNU/Linux, Nftables is more promising.

blind0ne said:
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
Click to expand...
This first, you are allowing incoming traffic from already-established connections

blind0ne said:
-A INPUT -m conntrack --ctstate INVALID -j DROP
Click to expand...
This second, your are dropping traffic packets marked as invalid (packet can't be identified or everything different from New, Estabilished or Related)
 
You must log in or register to reply here.
Back
Top