iptables: rule with RETURN target after a rule with the ACCEPT target

Discussion in 'Linux Networking' started by Neroku, Apr 24, 2007.

  1. Neroku

    Neroku Guest

    Hi, i've seen in several scripts the following configuration for
    iptables:

    iptables criteria -j ACCEPT
    iptables the_same_criteria_as_above -j RETURN

    for instance:

    iptables -A INPUT -p tcp -m tcp --dport 100 -j ACCEPT
    iptables -A INPUT -p tcp -m tcp --dport 100 -j RETURN

    The last rule will be never matched, since all tcp incoming
    connections with a destination port equal to 100 will be accepted, and
    thus this connection will be testing for the next chain. The last line
    is useless. So, what's the utility of this configuration?.


    TIA
     
    Neroku, Apr 24, 2007
    #1
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.