Hello.
With firewall-cmd (and/or firewall-config), will it be possible to access the protocol flags and the state of the frames?
For example, will it be possible to do the equivalent of the following commands?
iptables -A INPUT_TCP -p tcp --syn --dport ssh -m state --state NEW -j ACCEPT
or
iptables -A CHECK_BAD_TCP -p tcp --tcp-flags ALL SYN,RST,ACK,FIN,URG -j DROP
thx
OK, i understand (EUREKA). I can use direct mode with passthrought argument.
For example, like this :
firewall-cmd --direct --passthrought ipv4 -A INPUT_direct -p tcp --syn --dport ssh -m state --state NEW -j ACCEPT
All is fines.
Le 23/04/2012 22:48, Philippe Marcovici a écrit :
Hello.
With firewall-cmd (and/or firewall-config), will it be possible to access the protocol flags and the state of the frames?
For example, will it be possible to do the equivalent of the following commands?
iptables -A INPUT_TCP -p tcp --syn --dport ssh -m state --state NEW -j ACCEPT
or
iptables -A CHECK_BAD_TCP -p tcp --tcp-flags ALL SYN,RST,ACK,FIN,URG -j DROP
thx _______________________________________________ firewalld-users mailing list firewalld-users@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/firewalld-users
firewalld-users@lists.fedorahosted.org