Old 12-01-2006, 12:04 PM   #1
Registered: Sep 2005
Distribution: feather 0.72-usb, DSL,CentOS,Ubuntu, Redhat 9
Posts: 144

Rep: Reputation: 15
iptables --syn

Hi guys,

I am writing my rc.packetfilter scripts, and I was wondering if I needed any rules like these there.

iptables -A INPUT -p tcp --syn -i eth0 --dport 23 -j ACCEPT (what will a rule like this do?)

The problem I am having now is that I don't seem to fully understand what the syn does. Please, I need more clarification on how this is used and basically what it does.

Old 12-02-2006, 04:56 AM   #2
Senior Member
Registered: May 2001
Location: Indiana
Distribution: Gentoo, Debian, RHEL, Slack
Posts: 1,555

Rep: Reputation: 46
First off, DO NOT use telnet.

But that rule would be explained like this:
Append a rule for incoming (Traffic coming to this server)
When they are TCP syn packets
on eth0
destined for port 23
Accept them.
You may want to rate limit those, because I could SYN flood you and you would be the victim of a DoS. Use port 22, which is secure shell.

Last edited by musicman_ace; 12-02-2006 at 05:15 AM.
Old 12-02-2006, 03:26 PM   #3
Registered: Feb 2002
Location: Grenoble
Distribution: Debian
Posts: 9,545

Rep: Reputation: 160
A SYN packet is the first one that comes when a connection is established (at the time of the SYN there's no connection yet). If you want to allow a connection to a specific port, you need to let such packets pass. There's no need to use --syn if you already allow --state NEW.
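
What `--syn` matches, shown as an added example that is not part of any post in this thread: the iptables man page describes `--syn` as equivalent to `--tcp-flags SYN,RST,ACK,FIN SYN`, and this Python code applies that test to constructed 20-byte TCP headers. The function names, port numbers and sample segments are assumptions made for illustration.

```python
import struct

# TCP flag bits as they appear in byte 13 of the TCP header.
FLAGS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04, "PSH": 0x08, "ACK": 0x10, "URG": 0x20}

def bits(names):
    """Turn a comma-separated flag list such as 'SYN,ACK' into a bitmask."""
    value = 0
    for name in filter(None, names.split(",")):
        value |= FLAGS[name]
    return value

def tcp_flags(segment):
    """Return the flag bits of a raw TCP segment, validating the header length."""
    if len(segment) < 20:
        raise ValueError("truncated TCP header")
    offset_byte, flag_byte = struct.unpack_from("!BB", segment, 12)
    header_len = (offset_byte >> 4) * 4
    if header_len < 20 or header_len > len(segment):
        raise ValueError("bad TCP data offset")
    return flag_byte & 0x3F

def tcp_flags_match(segment, mask, comp):
    """'--tcp-flags mask comp': of the flags listed in mask, exactly those in comp are set."""
    return (tcp_flags(segment) & bits(mask)) == bits(comp)

def syn_match(segment):
    """'--syn': SYN set, with RST, ACK and FIN all cleared."""
    return tcp_flags_match(segment, "SYN,RST,ACK,FIN", "SYN")

def build_segment(flags, sport=40000, dport=23):
    """Constructed sample: a 20-byte TCP header with no options or payload."""
    return struct.pack("!HHIIBBHHH", sport, dport, 1, 0, 5 << 4, bits(flags), 65535, 0, 0)

# Constructed flag combinations: handshake, established traffic, teardown, odd mixes.
SAMPLES = ["SYN", "SYN,ACK", "ACK", "FIN,ACK", "RST", "SYN,FIN", "SYN,PSH"]

def classify():
    """Map each sample flag combination to whether --syn would match it."""
    return {flags: syn_match(build_segment(flags)) for flags in SAMPLES}

if __name__ == "__main__":
    for flags, hit in classify().items():
        print(f"{flags:8} -> {'matches --syn' if hit else 'no match'}")
```

Only the opening segment of a handshake matches; the SYN,ACK reply and all later traffic do not, and PSH or URG are ignored because they are outside the mask.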

