I read a firewall script including following lines iptables -A pfc -p udp –dport

Question

0

Asked: June 4, 20262026-06-04T03:36:49+00:00 2026-06-04T03:36:49+00:00

I read a firewall script including following lines iptables -A pfc -p udp –dport

0

I read a firewall script including following lines

iptables -A pfc -p udp --dport 5060 -m recent --name badguy --update --seconds 60 -hitcount 600 -j DROP 

iptables -A pfc -p udp --dport 5060 -m recent --name badguy --set

This is a part of deny by default firewall script and pfc is a user-defined subchain of INPUT.

Isn’t something wrong here? The second line doesn’t jump to a chain. What is the fate of packet unless first line match?

I think it should be done

iptables -A pfc -p udp --dport 5060 -m recent --name badguy --set **-j ACCEPT**

Isn’t that right?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-06-04T03:36:51+00:00

As written, this rule:

iptables -A pfc -p udp --dport 5060 -m recent --name badguy --set

Sets the recent entry for the packet, and then continues to process additional iptables rules that may decide to explicitly reject or accept the packet.

On the other hand, your suggested modification…

iptables -A pfc -p udp --dport 5060 -m recent --name badguy --set -j ACCEPT

…accepts the packet immediately with no further processing. That’s a substantial difference in behavior, and whether or not it’s appropriate depends entirely on your local situation.

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I read a firewall script including following lines iptables -A pfc -p udp –dport

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply