Or all udp sockets, with the associated process: ks]# ss -u -pa On Linux, assuming that the iproute2 is installed, you can run the ss command to pull udp sockets like so: ss -u sbin/iptables -t filter -A OUTPUT -m state -state NEW\,ESTABLISHED -j ACCEPT sbin/iptables -t filter -A FORWARD -m state -state NEW\,ESTABLISHED -j ACCEPT sbin/iptables -t filter -A INPUT -m state -state NEW\,ESTABLISHED -j ACCEPT Your netfilter rules could be as simple as this. You can see there are a couple systems that are frequently communicating to udp/1194 (OpenVPN).
Here for example is what one of my system looks like. Once you setup rules then you can use a tool like conntrack to look at the netfilter state table. This will force netfilter to track state related to UDP. One method you could use is simply setup some simple netfilter rules that use the -state option.
As others have mentioned UDP is connection-less so state isn't tracked in the standard locations you might look.
0 kommentar(er)
