On Fri, 2013-02-08 at 12:57 -0500, Laurence J. Lane wrote: > > iptables -A INPUT -m state --state UNTRACKED -j DROP > -m conntrack --ctstate UNTRACKED Yeah of course... that's the "new" way of doing it...
> I'm unsure of the SNAT thing. ...nevertheless the old one shouldn't fail and use SNAT (another state) instead of UNTRACKED. Cheers, Chris.
smime.p7s
Description: S/MIME cryptographic signature
