Why is UNTRACKED showing up in iptables rules?

Solution In Progress - Updated -

Issue

Need info/clarification on UNTRACKED iptables rules on our system.

The following command is showing all connections with state UNTRACKED.

 iptables-save  | grep UNTR
-A FWDO_appliance_allow -m conntrack --ctstate NEW,UNTRACKED -j ACCEPT
-A FWDO_appliance_allow -m conntrack --ctstate NEW,UNTRACKED -j ACCEPT
-A IN_appliance_allow -p tcp -m tcp --dport 80 -m conntrack --ctstate NEW,UNTRACKED -j ACCEPT
-A IN_appliance_allow -p tcp -m tcp --dport 8080 -m conntrack --ctstate NEW,UNTRACKED -j ACCEPT
-A IN_appliance_allow -p udp -m udp --dport 6781:6784 -m conntrack --ctstate NEW,UNTRACKED -j ACCEPT
-A IN_appliance_allow -p tcp -m tcp --dport 31006 -m conntrack --ctstate NEW,UNTRACKED -j ACCEPT

Environment

  • Red Hat Enterprise Linux 7
