keep state

Description

Enables stateful firewalling by temporarily opening a port for incoming traffic when an outgoing packet matches the specified rule. With the keep state keyword, the firewall tracks the state of an existing connection on the basis of source IP address, destination IP address, source port, destination port, and protocol.

Keeping state focuses on blocking or passing packets from a new connection. If the new connection is allowed, all packets are passed in both directions. If a new connection is blocked, all packets are blocked in both directions.

Synopsis

{block | pass} {in | out} {to | from} address_scope keep state

address_scope can be a unique IP address, an address space, or the keywords !, all, me, or any.

Scarica PDF

Scarica questa pagina

keep state

Description

Synopsis

Scarica PDF

Generazione PDF