Displaying 1 result from an estimated 1 matches for "knowleable".
Did you mean:
knowlegable
2005 May 25
5
State rules placement
Hi all,
I have seen Shorewall places the state verification rules (-m state
--state ESTABLISHED,RELATED) as the first rule in a zone2zone chain.
This means that state checking is done after all the rules involving
from this zone to this zone. As you could have a lot of them, wont be
better to place them just after checking the state is not invalid? This
will mean a lot of packages will be