This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Setting ACK flags?

Hi

Could someone explain to me, how I could set ACK flags of the Packet Filter? Is that possible via interface?
Is is possible, so set other flags?

THX [:)]

This thread was automatically locked due to age.

Parents

0 danielrm26 over 23 years ago

ACK flags are set on individual TCP packets, not on packet filtering software.

Do you mean you want to filter for packets with ACKS in them?
Cancel
Vote Up 0 Vote Down

Cancel
0 Simon_01 over 23 years ago in reply to danielrm26

ASF uses iptables, so it´s a stateful firewall. I could only accept outgoing tcp connctions, by filtering the ACK flags.

Do I have to set them manually in the iptables script or is that possible via web interface?
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 Simon_01 over 23 years ago in reply to danielrm26

ASF uses iptables, so it´s a stateful firewall. I could only accept outgoing tcp connctions, by filtering the ACK flags.

Do I have to set them manually in the iptables script or is that possible via web interface?
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 danielrm26 over 23 years ago in reply to Simon_01

Ok, I am not versed enough in IPTABLES to know if you can filter packets by TCP flag, but I do know that if you aren't passing any ports in then you are probably ok. Your first barrier of protection is NAT, which won't allow incoming connections to you in the first place. Then, if you don't have a packetfilter rule ALLOWING traffic in, then it won't be allowed in. Return packets are allowed with OUTGOING rules, because ASL is a stateful firewall. So just don't open up and incoming NAT or packetfiltering and you should be decently secure.
Cancel
Vote Up 0 Vote Down

Cancel