Hello. Can someone explain what these lines mean on iptables?

Code:
$IPTABLES -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
$IPTABLES -A INPUT -p udp -j DROP
$IPTABLES -A INPUT -p tcp --syn -j DROP

(http://bit.ly/18D0px)
Going from memory: All the lines are to do with INPUT. That is, packets arriving at the interface from elsewhere on connected networks. The first line accepts packets for connections that are already in progress that would normally receive return data. Things like ssh, ftp, irc, web browsing, whatever. This goes hand in hand with the earlier rules allowing packets from localhost and whatever is in the whitelist, which is where the connections will have been established from. The second drops all UDP packets. The last drops SYN packets. http://en.wikipedia.org/wiki/SYN_flood
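The rule order described in the answer above, as an added example that is not part of the original posts: a shell model (it does not call iptables) of first-match evaluation over the three quoted rules, run on constructed packets. The function names, the packet fields and the CONTINUE result (meaning later rules or the chain policy decide) are assumptions of this example.

```shell
# Added example: models first-match evaluation of the three INPUT rules
# from the question. It does not call iptables or need root.
# A "packet" is constructed as: protocol, conntrack state, TCP flags set.

# has_flag FLAGS NAME -> true if NAME is in the comma-separated FLAGS list
has_flag() {
    case ",$1," in
        *",$2,"*) return 0 ;;
        *) return 1 ;;
    esac
}

# is_syn FLAGS -> true for what --syn matches: SYN set, ACK/RST/FIN clear
is_syn() {
    has_flag "$1" SYN || return 1
    for f in ACK RST FIN; do
        has_flag "$1" "$f" && return 1
    done
    return 0
}

# verdict PROTO STATE FLAGS -> prints ACCEPT, DROP or CONTINUE
verdict() {
    proto=$1 state=$2 flags=${3:-}
    # Rule 1: -m state --state RELATED,ESTABLISHED -j ACCEPT (any protocol)
    case "$state" in
        RELATED|ESTABLISHED) echo ACCEPT; return ;;
    esac
    # Rule 2: -p udp -j DROP
    if [ "$proto" = udp ]; then echo DROP; return; fi
    # Rule 3: -p tcp --syn -j DROP
    if [ "$proto" = tcp ] && is_syn "$flags"; then echo DROP; return; fi
    # No match here: later rules, then the chain policy, decide
    echo CONTINUE
}

# Constructed sample packets, one verdict printed per line
run_samples() {
    verdict udp ESTABLISHED ""     # reply to a UDP query this host sent
    verdict udp NEW ""             # unsolicited UDP
    verdict tcp NEW SYN            # inbound connection attempt
    verdict tcp ESTABLISHED ACK    # data on a connection this host opened
    verdict tcp INVALID ACK        # stray ACK with no tracked connection
    verdict icmp NEW ""            # neither UDP nor TCP
}
run_samples
```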