From: Marc Green <marc.green@skynet.be>
To: netfilter@lists.netfilter.org
Subject: Performance problems on my firewall using iptables (SuSEfirewall2)
Date: Wed, 09 Nov 2005 21:02:39 +0100 [thread overview]
Message-ID: <437255DF.7060903@skynet.be> (raw)
[-- Attachment #1: Type: text/plain, Size: 669 bytes --]
Find herewith the result of the "iptables-save" command.
Some notes :
For Derick :
==> Yes I'm running a graphical interface. But nobody logs on this
system except me sometimes to do administration.
==> In the first mail that is right there was no files attached with it.
I prefered not to sent them (after typing it but forgot to erase the
text) no to overload the list with info that might not be necessary.
==> 2 internal networks on the same interface: on one of the networks I
have the children computers. With crontab I just bring one network down
at a specific time to shutdown Internet access for the kids but not for me.
Many thanks for your concern(s).
[-- Attachment #2: iptables.save --]
[-- Type: text/plain, Size: 16404 bytes --]
# Generated by iptables-save v1.2.2 on Wed Nov 9 19:58:37 2005
*mangle
:PREROUTING ACCEPT [1425307:679759088]
:OUTPUT ACCEPT [129618:24422877]
-A PREROUTING -p tcp -m state --state NEW,RELATED,ESTABLISHED -m tcp --sport 22 -j TOS --set-tos 0x10
-A PREROUTING -p tcp -m state --state NEW,RELATED,ESTABLISHED -m tcp --dport 22 -j TOS --set-tos 0x10
-A PREROUTING -p tcp -m state --state NEW,RELATED,ESTABLISHED -m tcp --sport 20 -j TOS --set-tos 0x08
-A PREROUTING -p tcp -m state --state NEW,RELATED,ESTABLISHED -m tcp --dport 20 -j TOS --set-tos 0x08
-A PREROUTING -p tcp -m state --state NEW,RELATED,ESTABLISHED -m tcp --sport 80 -j TOS --set-tos 0x08
-A PREROUTING -p tcp -m state --state NEW,RELATED,ESTABLISHED -m tcp --dport 80 -j TOS --set-tos 0x08
-A PREROUTING -p tcp -m state --state NEW,RELATED,ESTABLISHED -m tcp --sport 53 -j TOS --set-tos 0x10
-A PREROUTING -p udp -m state --state NEW,RELATED,ESTABLISHED -m udp --dport 53 -j TOS --set-tos 0x10
-A PREROUTING -p udp -m state --state NEW,RELATED,ESTABLISHED -m udp --dport 161 -j TOS --set-tos 0x04
-A PREROUTING -p udp -m state --state NEW,RELATED,ESTABLISHED -m udp --dport 162 -j TOS --set-tos 0x04
-A PREROUTING -p udp -m udp --dport 514 -j TOS --set-tos 0x04
-A OUTPUT -p tcp -m state --state NEW,RELATED,ESTABLISHED -m tcp --sport 22 -j TOS --set-tos 0x10
-A OUTPUT -p tcp -m state --state NEW,RELATED,ESTABLISHED -m tcp --dport 22 -j TOS --set-tos 0x10
-A OUTPUT -p tcp -m state --state NEW,RELATED,ESTABLISHED -m tcp --sport 20 -j TOS --set-tos 0x08
-A OUTPUT -p tcp -m state --state NEW,RELATED,ESTABLISHED -m tcp --dport 20 -j TOS --set-tos 0x08
-A OUTPUT -p tcp -m state --state NEW,RELATED,ESTABLISHED -m tcp --sport 80 -j TOS --set-tos 0x08
-A OUTPUT -p tcp -m state --state NEW,RELATED,ESTABLISHED -m tcp --dport 80 -j TOS --set-tos 0x08
-A OUTPUT -p tcp -m state --state NEW,RELATED,ESTABLISHED -m tcp --sport 53 -j TOS --set-tos 0x10
-A OUTPUT -p udp -m state --state NEW,RELATED,ESTABLISHED -m udp --dport 53 -j TOS --set-tos 0x10
-A OUTPUT -p udp -m state --state NEW,RELATED,ESTABLISHED -m udp --dport 161 -j TOS --set-tos 0x04
-A OUTPUT -p udp -m state --state NEW,RELATED,ESTABLISHED -m udp --dport 162 -j TOS --set-tos 0x04
-A OUTPUT -p udp -m udp --dport 514 -j TOS --set-tos 0x04
COMMIT
# Completed on Wed Nov 9 19:58:37 2005
# Generated by iptables-save v1.2.2 on Wed Nov 9 19:58:37 2005
*nat
:PREROUTING ACCEPT [48442:4189026]
:POSTROUTING ACCEPT [82:22002]
:OUTPUT ACCEPT [71:21498]
-A POSTROUTING -s 192.168.0.0/255.255.255.0 -o eth0 -j MASQUERADE
-A POSTROUTING -s 192.168.1.0/255.255.255.0 -o eth0 -j MASQUERADE
COMMIT
# Completed on Wed Nov 9 19:58:37 2005
# Generated by iptables-save v1.2.2 on Wed Nov 9 19:58:37 2005
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:devchain - [0:0]
:forward_dmz - [0:0]
:forward_ext - [0:0]
:forward_int - [0:0]
:input_dmz - [0:0]
:input_ext - [0:0]
:input_int - [0:0]
:maschain - [0:0]
:rulchain - [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -d 255.255.255.255 -p udp -m state --state ESTABLISHED -m udp --sport 67 --dport 68 -j ACCEPT
-A INPUT -s 127.0.0.0/255.0.0.0 -j DROP
-A INPUT -d 127.0.0.0/255.0.0.0 -j DROP
-A INPUT -s 192.168.0.5 -j DROP
-A INPUT -s 192.168.1.5 -j DROP
-A INPUT -s 10.0.0.41 -j DROP
-A INPUT -d 10.0.0.41 -i eth0 -j input_ext
-A INPUT -d 192.168.0.5 -i eth1 -j input_int
-A INPUT -d 192.168.1.5 -i eth1 -j input_int
-A INPUT -d 10.0.0.255 -i eth0 -j DROP
-A INPUT -d 255.255.255.255 -i eth0 -j DROP
-A INPUT -d 192.168.0.255 -i eth1 -j DROP
-A INPUT -d 255.255.255.255 -i eth1 -j DROP
-A INPUT -d 192.168.1.255 -i eth1 -j DROP
-A INPUT -d 255.255.255.255 -i eth1 -j DROP
-A INPUT -d 10.0.0.41 -i eth1 -j LOG --log-prefix "SuSE-FW-ACCESS_DENIED_FOR_INT" --log-tcp-options --log-ip-options
-A INPUT -d 10.0.0.41 -i eth1 -j DROP
-A INPUT -j DROP
-A INPUT -j devchain
-A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
-A FORWARD -i eth1 -o eth1 -j ACCEPT
-A FORWARD -i eth0 -o eth0 -j ACCEPT
-A FORWARD -i eth0 -j forward_ext
-A FORWARD -i eth1 -j forward_int
-A FORWARD -j DROP
-A FORWARD -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -j LOG --log-prefix "SuSE-FW-FORWARD-ERROR" --log-tcp-options --log-ip-options
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -p icmp -m icmp --icmp-type 11 -j LOG --log-prefix "SuSE-FW-TRACEROUTE-ATTEMPT" --log-tcp-options --log-ip-options
-A OUTPUT -p icmp -m icmp --icmp-type 11 -j ACCEPT
-A OUTPUT -p icmp -m icmp --icmp-type 3/3 -j ACCEPT
-A OUTPUT -p icmp -m icmp --icmp-type 3/4 -j ACCEPT
-A OUTPUT -p icmp -m icmp --icmp-type 3/9 -j ACCEPT
-A OUTPUT -p icmp -m icmp --icmp-type 3/10 -j ACCEPT
-A OUTPUT -p icmp -m icmp --icmp-type 3/13 -j ACCEPT
-A OUTPUT -p icmp -m icmp --icmp-type 3 -j DROP
-A OUTPUT -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -j LOG --log-prefix "SuSE-FW-OUTPUT-ERROR" --log-tcp-options --log-ip-options
-A devchain -i ! lo -j rulchain
-A forward_dmz -s 10.0.0.0/255.255.255.0 -j DROP
-A forward_dmz -s 192.168.0.0/255.255.255.0 -j DROP
-A forward_dmz -s 192.168.1.0/255.255.255.0 -j DROP
-A forward_dmz -d 192.168.0.5 -j DROP
-A forward_dmz -d 192.168.1.5 -j DROP
-A forward_dmz -d 10.0.0.41 -j DROP
-A forward_dmz -p icmp -m state --state RELATED -m icmp --icmp-type 3 -j ACCEPT
-A forward_dmz -p icmp -m state --state RELATED,ESTABLISHED -m icmp --icmp-type 0 -j ACCEPT
-A forward_dmz -s 192.168.0.0/255.255.255.0 -o eth0 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
-A forward_dmz -d 192.168.0.0/255.255.255.0 -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A forward_dmz -s 192.168.1.0/255.255.255.0 -o eth0 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
-A forward_dmz -d 192.168.1.0/255.255.255.0 -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A forward_dmz -j DROP
-A forward_ext -s 192.168.0.0/255.255.255.0 -j DROP
-A forward_ext -s 192.168.1.0/255.255.255.0 -j DROP
-A forward_ext -s 192.168.0.0/255.255.255.0 -j DROP
-A forward_ext -s 192.168.1.0/255.255.255.0 -j DROP
-A forward_ext -d 192.168.0.5 -j DROP
-A forward_ext -d 192.168.1.5 -j DROP
-A forward_ext -p icmp -m state --state RELATED -m icmp --icmp-type 3 -j ACCEPT
-A forward_ext -p icmp -m state --state RELATED,ESTABLISHED -m icmp --icmp-type 0 -j ACCEPT
-A forward_ext -s 192.168.0.0/255.255.255.0 -o eth0 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
-A forward_ext -d 192.168.0.0/255.255.255.0 -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A forward_ext -s 192.168.1.0/255.255.255.0 -o eth0 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
-A forward_ext -d 192.168.1.0/255.255.255.0 -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A forward_ext -j DROP
-A forward_int -s 10.0.0.0/255.255.255.0 -j DROP
-A forward_int -d 10.0.0.41 -j DROP
-A forward_int -p icmp -m state --state RELATED -m icmp --icmp-type 3 -j ACCEPT
-A forward_int -p icmp -m state --state RELATED,ESTABLISHED -m icmp --icmp-type 0 -j ACCEPT
-A forward_int -s 192.168.0.0/255.255.255.0 -o eth0 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
-A forward_int -d 192.168.0.0/255.255.255.0 -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A forward_int -s 192.168.1.0/255.255.255.0 -o eth0 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
-A forward_int -d 192.168.1.0/255.255.255.0 -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A forward_int -j DROP
-A input_dmz -s 10.0.0.0/255.255.255.0 -j DROP
-A input_dmz -s 192.168.0.0/255.255.255.0 -j DROP
-A input_dmz -s 192.168.1.0/255.255.255.0 -j DROP
-A input_dmz -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A input_dmz -p icmp -m state --state RELATED,ESTABLISHED -m icmp --icmp-type 0 -j ACCEPT
-A input_dmz -p icmp -m state --state RELATED,ESTABLISHED -m icmp --icmp-type 3 -j ACCEPT
-A input_dmz -p icmp -m state --state RELATED,ESTABLISHED -m icmp --icmp-type 11 -j ACCEPT
-A input_dmz -p icmp -m state --state RELATED,ESTABLISHED -m icmp --icmp-type 12 -j ACCEPT
-A input_dmz -p icmp -m state --state RELATED,ESTABLISHED -m icmp --icmp-type 14 -j ACCEPT
-A input_dmz -p icmp -m state --state RELATED,ESTABLISHED -m icmp --icmp-type 18 -j ACCEPT
-A input_dmz -p icmp -j DROP
-A input_dmz -p tcp -m tcp --dport 113 --tcp-flags SYN,RST,ACK SYN -j REJECT --reject-with reject-with
-A input_dmz -p tcp -m tcp --dport 22 --tcp-flags SYN,RST,ACK SYN -j DROP
-A input_dmz -p tcp -m tcp --dport 23 --tcp-flags SYN,RST,ACK SYN -j DROP
-A input_dmz -p tcp -m tcp --dport 37 --tcp-flags SYN,RST,ACK SYN -j DROP
-A input_dmz -p tcp -m tcp --dport 79 --tcp-flags SYN,RST,ACK SYN -j DROP
-A input_dmz -p tcp -m tcp --dport 111 --tcp-flags SYN,RST,ACK SYN -j DROP
-A input_dmz -p tcp -m tcp --dport 513 --tcp-flags SYN,RST,ACK SYN -j DROP
-A input_dmz -p tcp -m tcp --dport 6000 --tcp-flags SYN,RST,ACK SYN -j DROP
-A input_dmz -p tcp -m tcp --dport 1024:65535 --tcp-flags SYN,RST,ACK SYN -j LOG --log-prefix "SuSE-FW-ACCEPT" --log-tcp-options --log-ip-options
-A input_dmz -p tcp -m state --state NEW,RELATED,ESTABLISHED -m tcp --dport 1024:65535 -j ACCEPT
-A input_dmz -p tcp -m state --state ESTABLISHED -m tcp --dport 600:65535 ! --tcp-flags SYN,RST,ACK SYN -j ACCEPT
-A input_dmz -p tcp -m state --state ESTABLISHED -m tcp --dport 20 ! --tcp-flags SYN,RST,ACK SYN -j ACCEPT
-A input_dmz -s 10.0.0.138 -p udp -m state --state NEW,RELATED,ESTABLISHED -m udp --sport 53 --dport 1024:65535 -j ACCEPT
-A input_dmz -p udp -m udp --dport 22 -j DROP
-A input_dmz -p udp -m udp --dport 23 -j DROP
-A input_dmz -p udp -m udp --dport 37 -j DROP
-A input_dmz -p udp -m udp --dport 37 -j DROP
-A input_dmz -p udp -m udp --dport 67 -j DROP
-A input_dmz -p udp -m udp --dport 79 -j DROP
-A input_dmz -p udp -m udp --dport 111 -j DROP
-A input_dmz -p udp -m udp --dport 111 -j DROP
-A input_dmz -p udp -m udp --dport 513 -j DROP
-A input_dmz -p udp -m udp --dport 517 -j DROP
-A input_dmz -p udp -m udp --dport 518 -j DROP
-A input_dmz -p udp -m udp --dport 6000 -j DROP
-A input_dmz -p udp -m state --state NEW,RELATED,ESTABLISHED -m udp --dport 1024:65535 -j ACCEPT
-A input_dmz -j DROP
-A input_ext -s 192.168.0.0/255.255.255.0 -j DROP
-A input_ext -s 192.168.1.0/255.255.255.0 -j DROP
-A input_ext -s 192.168.0.0/255.255.255.0 -j DROP
-A input_ext -s 192.168.1.0/255.255.255.0 -j DROP
-A input_ext -s 10.0.0.0/255.255.255.0 -p icmp -m icmp --icmp-type 4 -j LOG --log-prefix "SuSE-FW-ACCEPT-SOURCEQUENCH" --log-tcp-options --log-ip-options
-A input_ext -s 10.0.0.0/255.255.255.0 -p icmp -m icmp --icmp-type 4 -j ACCEPT
-A input_ext -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A input_ext -p icmp -m state --state RELATED,ESTABLISHED -m icmp --icmp-type 0 -j ACCEPT
-A input_ext -p icmp -m state --state RELATED,ESTABLISHED -m icmp --icmp-type 3 -j ACCEPT
-A input_ext -p icmp -m state --state RELATED,ESTABLISHED -m icmp --icmp-type 11 -j ACCEPT
-A input_ext -p icmp -m state --state RELATED,ESTABLISHED -m icmp --icmp-type 12 -j ACCEPT
-A input_ext -p icmp -m state --state RELATED,ESTABLISHED -m icmp --icmp-type 14 -j ACCEPT
-A input_ext -p icmp -m state --state RELATED,ESTABLISHED -m icmp --icmp-type 18 -j ACCEPT
-A input_ext -p icmp -j DROP
-A input_ext -p tcp -m tcp --dport 113 --tcp-flags SYN,RST,ACK SYN -j REJECT --reject-with reject-with
-A input_ext -p tcp -m tcp --dport 22 --tcp-flags SYN,RST,ACK SYN -j DROP
-A input_ext -p tcp -m tcp --dport 23 --tcp-flags SYN,RST,ACK SYN -j DROP
-A input_ext -p tcp -m tcp --dport 37 --tcp-flags SYN,RST,ACK SYN -j DROP
-A input_ext -p tcp -m tcp --dport 79 --tcp-flags SYN,RST,ACK SYN -j DROP
-A input_ext -p tcp -m tcp --dport 111 --tcp-flags SYN,RST,ACK SYN -j DROP
-A input_ext -p tcp -m tcp --dport 513 --tcp-flags SYN,RST,ACK SYN -j DROP
-A input_ext -p tcp -m tcp --dport 6000 --tcp-flags SYN,RST,ACK SYN -j DROP
-A input_ext -p tcp -m tcp --dport 1024:65535 --tcp-flags SYN,RST,ACK SYN -j LOG --log-prefix "SuSE-FW-ACCEPT" --log-tcp-options --log-ip-options
-A input_ext -p tcp -m state --state NEW,RELATED,ESTABLISHED -m tcp --dport 1024:65535 -j ACCEPT
-A input_ext -p tcp -m state --state ESTABLISHED -m tcp --dport 600:65535 ! --tcp-flags SYN,RST,ACK SYN -j ACCEPT
-A input_ext -p tcp -m state --state ESTABLISHED -m tcp --dport 20 ! --tcp-flags SYN,RST,ACK SYN -j ACCEPT
-A input_ext -s 10.0.0.138 -p udp -m state --state NEW,RELATED,ESTABLISHED -m udp --sport 53 --dport 1024:65535 -j ACCEPT
-A input_ext -p udp -m udp --dport 22 -j DROP
-A input_ext -p udp -m udp --dport 23 -j DROP
-A input_ext -p udp -m udp --dport 37 -j DROP
-A input_ext -p udp -m udp --dport 37 -j DROP
-A input_ext -p udp -m udp --dport 67 -j DROP
-A input_ext -p udp -m udp --dport 79 -j DROP
-A input_ext -p udp -m udp --dport 111 -j DROP
-A input_ext -p udp -m udp --dport 111 -j DROP
-A input_ext -p udp -m udp --dport 513 -j DROP
-A input_ext -p udp -m udp --dport 517 -j DROP
-A input_ext -p udp -m udp --dport 518 -j DROP
-A input_ext -p udp -m udp --dport 6000 -j DROP
-A input_ext -p udp -m state --state NEW,RELATED,ESTABLISHED -m udp --dport 1024:65535 -j ACCEPT
-A input_ext -p udp -m state --state ESTABLISHED -m udp --dport 61000:65095 -j ACCEPT
-A input_ext -j DROP
-A input_int -s 10.0.0.0/255.255.255.0 -j DROP
-A input_int -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A input_int -p icmp -m state --state RELATED,ESTABLISHED -m icmp --icmp-type 0 -j ACCEPT
-A input_int -p icmp -m state --state RELATED,ESTABLISHED -m icmp --icmp-type 3 -j ACCEPT
-A input_int -p icmp -m state --state RELATED,ESTABLISHED -m icmp --icmp-type 11 -j ACCEPT
-A input_int -p icmp -m state --state RELATED,ESTABLISHED -m icmp --icmp-type 12 -j ACCEPT
-A input_int -p icmp -m state --state RELATED,ESTABLISHED -m icmp --icmp-type 14 -j ACCEPT
-A input_int -p icmp -m state --state RELATED,ESTABLISHED -m icmp --icmp-type 18 -j ACCEPT
-A input_int -p icmp -j DROP
-A input_int -p tcp -m tcp --dport 113 --tcp-flags SYN,RST,ACK SYN -j REJECT --reject-with reject-with
-A input_int -p tcp -m tcp --dport 22 --tcp-flags SYN,RST,ACK SYN -j DROP
-A input_int -p tcp -m tcp --dport 23 --tcp-flags SYN,RST,ACK SYN -j DROP
-A input_int -p tcp -m tcp --dport 37 --tcp-flags SYN,RST,ACK SYN -j DROP
-A input_int -p tcp -m tcp --dport 79 --tcp-flags SYN,RST,ACK SYN -j DROP
-A input_int -p tcp -m tcp --dport 111 --tcp-flags SYN,RST,ACK SYN -j DROP
-A input_int -p tcp -m tcp --dport 513 --tcp-flags SYN,RST,ACK SYN -j DROP
-A input_int -p tcp -m tcp --dport 6000 --tcp-flags SYN,RST,ACK SYN -j DROP
-A input_int -p tcp -m tcp --dport 1024:65535 --tcp-flags SYN,RST,ACK SYN -j LOG --log-prefix "SuSE-FW-ACCEPT" --log-tcp-options --log-ip-options
-A input_int -p tcp -m state --state NEW,RELATED,ESTABLISHED -m tcp --dport 1024:65535 -j ACCEPT
-A input_int -p tcp -m state --state ESTABLISHED -m tcp --dport 600:65535 ! --tcp-flags SYN,RST,ACK SYN -j ACCEPT
-A input_int -p tcp -m state --state ESTABLISHED -m tcp --dport 20 ! --tcp-flags SYN,RST,ACK SYN -j ACCEPT
-A input_int -s 10.0.0.138 -p udp -m state --state NEW,RELATED,ESTABLISHED -m udp --sport 53 --dport 1024:65535 -j ACCEPT
-A input_int -p udp -m udp --dport 22 -j DROP
-A input_int -p udp -m udp --dport 23 -j DROP
-A input_int -p udp -m udp --dport 37 -j DROP
-A input_int -p udp -m udp --dport 37 -j DROP
-A input_int -p udp -m udp --dport 67 -j DROP
-A input_int -p udp -m udp --dport 79 -j DROP
-A input_int -p udp -m udp --dport 111 -j DROP
-A input_int -p udp -m udp --dport 111 -j DROP
-A input_int -p udp -m udp --dport 513 -j DROP
-A input_int -p udp -m udp --dport 517 -j DROP
-A input_int -p udp -m udp --dport 518 -j DROP
-A input_int -p udp -m udp --dport 6000 -j DROP
-A input_int -p udp -m state --state NEW,RELATED,ESTABLISHED -m udp --dport 1024:65535 -j ACCEPT
-A input_int -j DROP
-A rulchain -p udp -m udp --dport 111 -j DROP
-A rulchain -p udp -m udp --dport 67 -j DROP
-A rulchain -p udp -m udp --dport 37 -j DROP
-A rulchain -p udp -m udp --dport 518 -j DROP
-A rulchain -p udp -m udp --dport 517 -j DROP
-A rulchain -s 10.0.0.138 -p udp -m udp --sport 53 -j ACCEPT
-A rulchain -p icmp -m icmp --icmp-type 5 -j DROP
-A rulchain -p udp -j DROP
-A rulchain -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -j LOG
-A rulchain -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -j REJECT --reject-with reject-with
COMMIT
# Completed on Wed Nov 9 19:58:37 2005
next reply other threads:[~2005-11-09 20:02 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-11-09 20:02 Marc Green [this message]
-- strict thread matches above, loose matches on Subject: below --
2005-11-14 12:53 Performance problems on my firewall using iptables (SuSEfirewall2) Derick Anderson
2005-11-09 10:50 Marc Green
2005-11-09 14:25 ` /dev/rob0
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=437255DF.7060903@skynet.be \
--to=marc.green@skynet.be \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.