[CentOS] Default CentOS(Redhat) iptables, Secure?
Kai Schaetzl
maillists at conactive.com
Thu Dec 1 21:31:17 UTC 2005
Aleksandar Milivojevic wrote on Thu, 01 Dec 2005 00:05:48 -0600:
> "Helper" option means that particular helper module marked the packet as
> related. In this case that module would be ip_conntrack_ftp indeed.
> Note that the option does not trigger loading of the module. It simply
> checks what placed packet into related state.
I see, thanks. With the ftp rules I use there's already a difference with
and without conntrack_ftp being loaded. So, that looked sufficient. That
module probably is what helps to identify the RELATED state, but as long as
I don't specify the helper it could be any other (as long if I load
others). I'll check if I can finetune them with "helper".
Kai
--
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com
IE-Center: http://ie5.de & http://msie.winware.org
More information about the CentOS
mailing list