Re: iptables rule selection + new,related connections

Originally Posted by
Drenriza
#1 Does iptables use the first rule that fulfills a criteria, or does iptables read all the rules and select the most specific?
Packets will traverse the iptables rule set in order. If the rule "fulfills a criteria" it follows that rule, and if that rule branches out somehow, then subsequent rules will not be tested against.

Originally Posted by
Drenriza
#2 If you have a 3G / 4G router that you won't allow to be contacted from the outside world >but< connections / sessions established from the local network through the router are allowed to cross in both directions?
Yes, that is how most iptables based routers / firewalls are setup. (I do not know what you mean by a 3G / 4G router. I am only answering about iptables).

Originally Posted by
Drenriza
I know you can use the new, established and related keywords for this, but I have never quite figured out how, and the information (that I can find) isn't defining these keywords that well.
I don't know how to help with this. These are some of the most fundamental keywords in any iptables rule set. I don't know how to describe them any better than is already done in man iptables-extensions. Excerpt:
Code:
NEW
The packet has started a new connection or otherwise associated with a connection which has not seen packets in both directions.
ESTABLISHED
The packet is associated with a connection which has seen packets in both directions.
RELATED
The packet is starting a new connection, but is associated with an existing connection, such as an FTP data transfer or an ICMP error.
However, using tcp as an example, it might help to study how a new tcp connection is made, moving from the initial SYN packet to the ESTABLISHED state, via two way handshaking (i.e. a SYN ACK packet for the initial SYN).
Any follow-up information on your issue would be appreciated. Please have the courtesy to report back.
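As an added example (not part of the reply above), here is a minimal ruleset for the router described in #2: replies and related packets cross in both directions, NEW connections are only accepted when they originate on the LAN side, and rule order reflects the first-match traversal from #1. The interface names eth0 (upstream) and eth1 (LAN) and the IPT override are assumptions; set IPT="echo iptables" to preview the commands without applying them.

```shell
#!/bin/sh
# Added example: stateful forwarding rules for a two-interface router.
# Assumed interface names; override with WAN=... LAN=... in the environment.
WAN=${WAN:-eth0}
LAN=${LAN:-eth1}
# IPT defaults to the real binary; IPT="echo iptables" prints instead of applying.
IPT=${IPT:-iptables}

router_rules() {
    # Default policies: anything no rule accepts is dropped.
    $IPT -P INPUT DROP
    $IPT -P FORWARD DROP
    $IPT -F INPUT
    $IPT -F FORWARD
    # Traffic to the router itself: loopback, replies to its own connections,
    # and management from the LAN only. Rules are checked first to last.
    $IPT -A INPUT -i lo -j ACCEPT
    $IPT -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    $IPT -A INPUT -m conntrack --ctstate INVALID -j DROP
    $IPT -A INPUT -i "$LAN" -p tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
    # Forwarded traffic: packets belonging to (or related to) a connection
    # already seen in both directions pass whichever way they are heading ...
    $IPT -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    $IPT -A FORWARD -m conntrack --ctstate INVALID -j DROP
    # ... but a NEW connection is only accepted when it enters from the LAN.
    # A NEW packet arriving on the WAN matches nothing and hits the DROP policy.
    $IPT -A FORWARD -i "$LAN" -o "$WAN" -m conntrack --ctstate NEW -j ACCEPT
    # Hide LAN addresses behind the WAN address so replies come back through
    # conntrack and match the ESTABLISHED rule above.
    $IPT -t nat -F POSTROUTING
    $IPT -t nat -A POSTROUTING -o "$WAN" -j MASQUERADE
}

# Apply only when explicitly asked: sh router.sh apply
case "${1:-}" in
    apply) router_rules ;;
esac
```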