Sorry for asking a dumb question.
If I apply a firewall filter deny rule with connection-state=invalid,new,untracked, will it block:
- only invalid packets
- only new packets
- only untracked packets
- any combination of the 3 options listed before.
I’m a bit confused if it’s 1 or 2 as the actual filtering action.
I need to know if it will block for example:
- new+untracked
- invalid+new
- invalid,new,untracked
etc. (all 3 variants in any combination)
The wiki is not very clear about how the rule processing engine works (all should match or “any” should match).
Is it “AND” or “OR”, and why is it not explained clearly in the wiki and help pages …