That's standard logic to speed up traffic processing.
It is designed to save the time required for every packet to pass the whole set of rules.
Usually it's enough only to check initial packet (SYN-flagged) and the rest of the sequence (RELATED,ESTABLISHED) will follow the shortcut rule path.
Ok, thanks for the explaination, this makes now sense to me.
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.