:* '''Inbound traffic is of two distinct types'''. Our diagram shows:
::# '''New incoming connections''' (what you normally think of as '''inbound traffic'''): the web server receives a new incoming connection.
::# '''Incoming data that's a response to a request''': the web page that the server sent back in the diagram above.<br><br>
:::We normally don't want to do anything special for the response. It is safe to assume that '''a connection that was allowed to be established should be allowed to receive a response'''. This is accomplished with the following INPUT chain rule that should be there by default on your machines:<br><br>
::::<pre>ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED</pre>
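:::One way to verify that this rule is present and not shadowed by an earlier catch-all rule (an added example, not part of the original page): the function below reads rules in the format printed by <code>iptables -S INPUT</code>. The function name <code>check_established_rule</code> and the sample rulesets are constructed for illustration.

```shell
#!/bin/sh
# Added example. Reads `iptables -S INPUT` style lines on stdin.
# Returns 0 if an unrestricted ACCEPT for ESTABLISHED traffic appears before
# any catch-all DROP/REJECT rule; returns 1 if it is missing or shadowed.
check_established_rule() {
    while read -r a chain m mod opt states j target rest; do
        [ "$a" = "-A" ] && [ "$chain" = "INPUT" ] || continue
        # Catch-all rule such as "-A INPUT -j DROP": nothing after it is reached.
        if [ "$m" = "-j" ]; then
            case "$mod" in DROP|REJECT) return 1 ;; esac
        fi
        # Accept both the legacy "state" match and the "conntrack" match.
        case "$m $mod $opt" in
            "-m state --state"|"-m conntrack --ctstate") ;;
            *) continue ;;
        esac
        # The rule must carry no other restriction and must jump to ACCEPT.
        [ "$j $target" = "-j ACCEPT" ] && [ -z "$rest" ] || continue
        # The comma-separated state list must include ESTABLISHED.
        case ",$states," in *,ESTABLISHED,*) return 0 ;; esac
    done
    return 1
}

# Constructed sample rulesets (not taken from a real host).
GOOD_RULES='-P INPUT ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited'
SHADOWED_RULES='-P INPUT ACCEPT
-A INPUT -j DROP
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT'

report() {  # $1 = label, $2 = ruleset text
    if printf '%s\n' "$2" | check_established_rule; then
        echo "$1: replies to established connections are accepted"
    else
        echo "$1: ESTABLISHED accept rule missing or shadowed"
    fi
}
report "good ruleset" "$GOOD_RULES"
report "shadowed ruleset" "$SHADOWED_RULES"
```

:::On a live machine, pipe the output of <code>iptables -S INPUT</code> (run as root) into the function instead of the sample text.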