if[ "$CONNECTION_TRACKING" = "1" ]; then
$iptables -A OUTPUT -p tcp -s 192.168.55.222 --dport 25 -m state --state NEW -j ACCEPT
iptables -A OUTPUT -p tcp -s 192.168.55.222 --dport 25 -j ACCEPT
iptables -A INPUT -p tcp ! --syn --sport 25 -d 192.168.55.222 -j ACCEPT
上面三个条件分别是什么意思..有没有高手解释下..
參考答案:_D_MULTICAST="224.0.0.0/4" # Class D multicast addresses
CLASS_E_RESERVED_NET="240.0.0.0/5" # Class E reserved addresses
BROADCAST_SRC="0.0.0.0" # broadcast source address
BROADCAST_DEST="255.255.255.255" # broadcast destination address
PRIVPORTS="0:1023" # well-known, privileged port range
UNPRIVPORTS="1024:65535" # unprivileged port range
NFS_PORT="2049"
LOCKD_PORT="4045"
SOCKS_PORT="1080"
OPENWINDOWS_PORT="2000"
XWINDOW_P0RT="6000:6063"
SQUID_PORT="3128"
# traceroute usually uses -S 32769:65535 -D 33434:33523
TRACEROUTE_SRC_PORTS="32769:65535"
TRACEROUTE_DEST_PORTS="33434:33523"
USER_CHAINS="EXT-input EXT-output \
tcp-state-flags connection-tracking \
source-address-check destination-address-check \
local-dns-server-query remote-dns-server-response \
local-tcp-client-request remote-tcp-server-response \
remote-tcp-client-request local-tcp-server-response \
local-udp-client-request remote-udp-server-response \
local-dhcp-client-query remote-dhcp-server-response \
EXT-icmp-out EXT-icmp-in \
EXT-log-in EXT-log-out \
log-tcp-state"