[nflug] IPTABLES TCP unclean

Justin Bennett Justin.Bennett at Dynabrade.com
Thu Feb 16 12:49:56 EST 2006


I'm running a iptables firewall, I've got a rule that blocks TCP Unclean 
packets.

iptables -A INPUT -m unclean -j DROP
iptables -A FORWARD -m unclean -j DROP

There is a customer who can't connect to our mail server, I've ruled 
everything else out. When I comment out these two rules, he can connect. 
There's something funky I beleive with the way he is forming packets. 
Does anyone know what this blocks? would it be a security issue if I 
allow tcp unclean from his ip address?

Justin

-- 
Justin Bennett
Network Administrator
Dynabrade, Inc.
8989 Sheridan Dr.
Clarence, NY 14031
 

_______________________________________________
nflug mailing list
nflug at nflug.org
http://www.nflug.org/mailman/listinfo/nflug



More information about the nflug mailing list