From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org)
	by nuthatch.gentoo.org with esmtp (Exim 4.60)
	(envelope-from <gentoo-user+bounces-44536-garchives=archives.gentoo.org@gentoo.org>)
	id 1Ftke8-0005l4-G8
	for garchives@archives.gentoo.org; Fri, 23 Jun 2006 12:20:24 +0000
Received: from robin.gentoo.org (localhost [127.0.0.1])
	by robin.gentoo.org (8.13.7/8.13.6) with SMTP id k5NCI0Xc027324;
	Fri, 23 Jun 2006 12:18:00 GMT
Received: from afrodita.emergetux.net (41.Red-80-37-233.staticIP.rima-tde.net [80.37.233.41])
	by robin.gentoo.org (8.13.7/8.13.6) with ESMTP id k5NCAdLs019910
	for <gentoo-user@lists.gentoo.org>; Fri, 23 Jun 2006 12:10:40 GMT
Received: from localhost (localhost [127.0.0.1])
	by afrodita.emergetux.net (Postfix) with ESMTP id 17F465C262
	for <gentoo-user@lists.gentoo.org>; Fri, 23 Jun 2006 14:10:41 +0200 (CEST)
Received: from afrodita.emergetux.net ([127.0.0.1])
	by localhost (afrodita.emergetux.net [127.0.0.1]) (amavisd-new, port 10024)
	with LMTP id EJ9sag3uOSzO for <gentoo-user@lists.gentoo.org>;
	Fri, 23 Jun 2006 14:10:40 +0200 (CEST)
Received: from lx-arnau.pic.es (lx-arnau.pic.es [193.146.196.198])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by afrodita.emergetux.net (Postfix) with ESMTP id 6A6075C1E3
	for <gentoo-user@lists.gentoo.org>; Fri, 23 Jun 2006 14:10:40 +0200 (CEST)
Date: Fri, 23 Jun 2006 14:10:37 +0200
From: Arnau Bria <arnau@emergetux.net>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] nfs and iptables
Message-ID: <20060623141037.33242a6f@lx-arnau.pic.es>
In-Reply-To: <20060623115526.208ae80f@lx-arnau.pic.es>
References: <20060623110408.192f26d5@lx-arnau.pic.es>
	<36022.10.0.1.1.1151055493.squirrel@mail.ilievnet.com>
	<20060623115526.208ae80f@lx-arnau.pic.es>
X-Mailer: Sylpheed-Claws 2.3.0 (GTK+ 2.8.12; i686-pc-linux-gnu)
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
X-Archives-Salt: e1709d3f-8737-4371-ad13-ee38acb4777c
X-Archives-Hash: 557082061316c588a6bf43d51f3dbe68

Hi,

I solved it adding next at top of rules:

-A INPUT -p tcp ! --syn -j ACCEPT
-A INPUT -p udp -j ACCEPT


for what I read, it allows my connections established to pass filter 
without evaluating other rules.

Is this a correct config?


Thanks to all for your attention,

-- 
Arnau Bria
http://blog.emergetux.net
"Flanders, de nada sirve rezar: yo mismo acabo de hacerlo y los dos 
no vamos a ganar"
~Homer J. Simpson~
-- 
gentoo-user@gentoo.org mailing list