Latest LQ Deal: Linux Power User Bundle
Go Back > Forums > Linux Forums > Linux - Newbie
User Name
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!


  Search this Thread
Old 11-21-2014, 07:41 PM   #1
LQ Newbie
Registered: Nov 2014
Posts: 5

Rep: Reputation: Disabled
ack and syn bit both set

Hello Forums
My question is
which iptable rule takes care of the packet which has both ack and syn bits set?
Old 11-21-2014, 08:41 PM   #2
Ser Olmy
Senior Member
Registered: Jan 2012
Distribution: Slackware
Posts: 2,464

Rep: Reputation: Disabled
A SYN/ACK packet will (normally) be a response to an earlier SYN packet used to establish a TCP connection, so there should be a corresponding entry in the conntrack table for the virtual connection. A rule containing an "ESTABLISHED" conntrack/state match is typically used to allow such packets.

You can of course create a rule to specifically match these two TCP flags (-p tcp --tcp-flags <mask> SYN,ACK). In that case, any packet with the SYN and ACK flags set (and possibly others, depending on the <mask> value) will match the rule, be it part of an established connection or not.
1 members found this post helpful.
Old 11-21-2014, 08:44 PM   #3
LQ Newbie
Registered: Nov 2014
Posts: 5

Original Poster
Rep: Reputation: Disabled
Thanks a lot for the answer.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
expanding my tc script to include prioritizing for TCP syn/ack/etc. psycroptic Linux - Networking 6 10-07-2013 06:19 PM
TCP handshake fails, SYN/ACK ignored by system. xnomad Linux - Networking 1 09-28-2011 11:10 AM
iptables blocking SYN-ACK rjordan Linux - Networking 1 06-24-2011 02:39 PM
DNAT on first SYN ACK packet sseeley Linux - Networking 2 08-24-2010 01:33 PM
SYN, SYN_ACK but no ACK nitinarora Linux - Kernel 1 05-21-2009 06:31 PM > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 08:22 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration