Message-ID: <50E43853.20203@libertytrek.org>
Date: Wed, 02 Jan 2013 08:38:27 -0500
From: Tanstaafl
To: gentoo-user@lists.gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
List-Id: Gentoo Linux mail
Subject: [gentoo-user] IPtables - Mangle table - when/why do I need it (or do I need it)?
Hi all,

This has been bugging me for a while... I've googled, and can't seem to find a definitive answer to this question... Lots of references to the Mangle table, but nothing that really explains what this table is or does, and when or why I would want/need it.

Currently, I have this in my rules (since forever, honestly don't even remember where it came from):

*mangle
:PREROUTING ACCEPT [1378800222:449528056411]
:INPUT ACCEPT [1363738727:447358082301]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [1221121261:1103241097263]
:POSTROUTING ACCEPT [1221116979:1103240864155]
-A PREROUTING -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,PSH,URG -j DROP
-A PREROUTING -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j DROP
-A PREROUTING -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -j DROP
-A PREROUTING -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -j DROP
COMMIT
# Completed on Sun Dec 11 14:11:01 2011

This is on a mail/web server with a static IP; it does not do any NAT and does not act as a perimeter firewall, it only protects itself...

Thanks for any pointers to tfm that explains this if there is one, or just for a simple explanation if not...
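To see what the four mangle/PREROUTING rules quoted in the post actually match, here is an added example (not code from the poster or from the Gentoo list) that parses those rule lines and applies the iptables `--tcp-flags MASK COMP` semantics, which match a packet when `(flags & MASK) == COMP`; the sample flag sets at the bottom are constructed, not captured traffic.

```python
import re

# Added example: simulate the "--tcp-flags MASK COMP" rules from the post.
# iptables matches when (packet_flags & MASK) == COMP. Bit values are the
# TCP header flag bits; iptables' "ALL" means this six-flag set.
FLAG_BITS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04,
             "PSH": 0x08, "ACK": 0x10, "URG": 0x20}

# The four rule lines as they appear in the post (copied verbatim).
POSTED_RULES = """
-A PREROUTING -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,PSH,URG -j DROP
-A PREROUTING -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j DROP
-A PREROUTING -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -j DROP
-A PREROUTING -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -j DROP
"""

RULE_RE = re.compile(r"--tcp-flags\s+(\S+)\s+(\S+)\s+-j\s+(\S+)")

def flags_to_bits(spec):
    """Turn 'FIN,SYN', 'NONE' or 'ALL' into a TCP flag bitmask."""
    if spec == "NONE":
        return 0
    if spec == "ALL":
        spec = ",".join(FLAG_BITS)
    bits = 0
    for name in spec.split(","):
        bits |= FLAG_BITS[name]
    return bits

def parse_rules(text):
    """Extract (mask, comp, target) triples from iptables-save style lines."""
    rules = []
    for line in text.splitlines():
        m = RULE_RE.search(line)
        if m:
            mask, comp, target = m.groups()
            rules.append((flags_to_bits(mask), flags_to_bits(comp), target))
    return rules

def verdict(packet_flags, rules):
    """First matching rule wins; the chain policy in the post is ACCEPT."""
    for mask, comp, target in rules:
        if (packet_flags & mask) == comp:
            return target
    return "ACCEPT"

if __name__ == "__main__":
    rules = parse_rules(POSTED_RULES)
    # Constructed sample flag sets (not captured traffic).
    for sample in ("SYN", "SYN,ACK", "NONE", "FIN,PSH,URG", "FIN,PSH,URG,ACK",
                   "SYN,RST", "FIN,SYN,ACK"):
        print(f"{sample:16s} -> {verdict(flags_to_bits(sample), rules)}")
```

Note that the first rule masks all six flags, so FIN,PSH,URG is dropped but FIN,PSH,URG,ACK is not, while the last rule masks only FIN and SYN, so FIN,SYN,ACK is dropped regardless of the other bits.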