You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
28 lines
1021 B
28 lines
1021 B
4 months ago
|
:INPUT,FORWARD,OUTPUT
|
||
|
-m conntrack --ctstate NEW;=;OK
|
||
|
-m conntrack --ctstate NEW,ESTABLISHED;=;OK
|
||
|
-m conntrack --ctstate NEW,RELATED,ESTABLISHED;=;OK
|
||
|
-m conntrack --ctstate INVALID;=;OK
|
||
|
-m conntrack --ctstate UNTRACKED;=;OK
|
||
|
-m conntrack --ctstate SNAT,DNAT;=;OK
|
||
|
-m conntrack --ctstate wrong;;FAIL
|
||
|
# should we convert this to output "tcp" instead of 6?
|
||
|
-m conntrack --ctproto tcp;-m conntrack --ctproto 6;OK
|
||
|
-m conntrack --ctorigsrc 1.1.1.1;=;OK
|
||
|
-m conntrack --ctorigdst 1.1.1.1;=;OK
|
||
|
-m conntrack --ctreplsrc 1.1.1.1;=;OK
|
||
|
-m conntrack --ctrepldst 1.1.1.1;=;OK
|
||
|
-m conntrack --ctexpire 0;=;OK
|
||
|
-m conntrack --ctexpire 4294967295;=;OK
|
||
|
-m conntrack --ctexpire 0:4294967295;=;OK
|
||
|
-m conntrack --ctexpire 42949672956;;FAIL
|
||
|
-m conntrack --ctexpire -1;;FAIL
|
||
|
-m conntrack --ctdir ORIGINAL;=;OK
|
||
|
-m conntrack --ctdir REPLY;=;OK
|
||
|
-m conntrack --ctstatus NONE;=;OK
|
||
|
-m conntrack --ctstatus CONFIRMED;=;OK
|
||
|
-m conntrack --ctstatus ASSURED;=;OK
|
||
|
-m conntrack --ctstatus EXPECTED;=;OK
|
||
|
-m conntrack --ctstatus SEEN_REPLY;=;OK
|
||
|
-m conntrack;;FAIL
|