iptables --tcp-플래그

Question

예, 두 가지 질문 모두 적용됩니다.

ALL동일합니다 FIN,SYN,RST,PSH,ACK,URG.

TCP 프로토콜을 사용할 때 사용되는 명령 보기 man iptables-extensions: .--tcp-flags-p tcp

[!] --tcp-flags mask comp
          Match when the TCP flags are as specified.  The  first  argument
          mask  is  the flags which we should examine, written as a comma-
          separated list, and the second argument comp  is  a  comma-sepa‐
          rated  list  of flags which must be set.  Flags are: SYN ACK FIN
          RST URG PSH ALL NONE.  Hence the command
           iptables -A FORWARD -p tcp --tcp-flags SYN,ACK,FIN,RST SYN
          will only match packets with the SYN flag set, and the ACK,  FIN
          and RST flags unset.

Answer 1

예, 두 가지 질문 모두 적용됩니다.

ALL동일합니다 FIN,SYN,RST,PSH,ACK,URG.

TCP 프로토콜을 사용할 때 사용되는 명령 보기 man iptables-extensions: .--tcp-flags-p tcp

[!] --tcp-flags mask comp
          Match when the TCP flags are as specified.  The  first  argument
          mask  is  the flags which we should examine, written as a comma-
          separated list, and the second argument comp  is  a  comma-sepa‐
          rated  list  of flags which must be set.  Flags are: SYN ACK FIN
          RST URG PSH ALL NONE.  Hence the command
           iptables -A FORWARD -p tcp --tcp-flags SYN,ACK,FIN,RST SYN
          will only match packets with the SYN flag set, and the ACK,  FIN
          and RST flags unset.

iptables --tcp-플래그

답변1

관련 정보