What is "state RELATED,ESTABLISHED" in iptables?

Question

2064  871K ACCEPT  all  --  *    *    0.0.0.0/0  0.0.0.0/0  state RELATED,ESTABLISHED 
0     0    DROP    tcp  --  *    *    0.0.0.0/0  0.0.0.0/0  tcp flags:0x3F/0x00 
0     0    DROP    tcp  --  *    *    0.0.0.0/0  0.0.0.0/0  tcp flags:!0x17/0x02 state NEW 
0     0    DROP    tcp  --  *    *    0.0.0.0/0  0.0.0.0/0  tcp flags:0x3F/0x3F 
0     0    ACCEPT  all  --  lo   *    0.0.0.0/0  0.0.0.0/0           
61    3712 ACCEPT  tcp  --  *    *    0.0.0.0/0  0.0.0.0/0  tcp dpt:80 
0     0    ACCEPT  tcp  --  *    *    0.0.0.0/0  0.0.0.0/0  tcp dpt:443 
0     0    ACCEPT  tcp  --  *    *    0.0.0.0/0  0.0.0.0/0  tcp dpt:22

I am a little confused by the first line of this:

2064  871K ACCEPT  all  --  *    *    0.0.0.0/0    0.0.0.0/0     state RELATED,ESTABLISHED

What is state RELATED,ESTABLISHED?

I am trying to block access to all but 80,443,22. Am I accomplishing this here?

Which bit of the documentation wasn't clear ? – user9517 Nov 24 '13 at 17:16 — user9517, Nov 24 '13 at 17:16

Massimo · Accepted Answer · 2013-11-24T19:14:55.097

6

Packets in a RELATED or ESTABLISHED state are those ones which belong to an already opened connection; you'll generally want to accept them, otherwise connections will get established correctly but nothing will be able to flow after the initial handshake.

edited Nov 24 '13 at 19:14

answered Nov 24 '13 at 16:49

Massimo

68,714
56
196
319

yup, its a way of linux saying, this incoming packet is a response to a legitimate request from our own host.... let me let it thru – nandoP Nov 24 '13 at 19:12

What is "state RELATED,ESTABLISHED" in iptables?

1 Answers1

Linked