5

How to understand why the packet was considered INVALID by the `iptables`?

view full story
linux-howto

http://unix.stackexchange.com – I set up some iptables rules so it logs and drops the packets that are INVALID (--state INVALID). Reading the logs how can I understand why the packet was considered invalid? For example, the following: Nov 29 22:59:13 htpc-router kernel: [6550193.790402] ::IPT::DROP:: IN=ppp0 OUT= MAC= SRC=31.13.72.7 DST=136.169.151.82 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=5104 DF PROTO=TCP SPT=80 DPT=61597 WINDOW=0 RES=0x00 AC K RST URGP=0 (HowTos)