What does "-m tcp" mean in this iptables rule?

Solution 1:

Per the manual, it's an unusual but harmless explicit invocation of the tcp iptables module; this module is implicitly invoked when -p tcp (TCP protocol) is specified, and only works when -p tcp is specified anyway, but apparently whoever wrote system-config-firewall's rule generator believed in the belt-and-suspenders theory of reliability.

Solution 2:

From the iptables manual page:

-m, --match match

Specifies a match to use, that is, an extension module that tests for a specific property. The set of matches make up the condition under which a target is invoked. Matches are evaluated first to last as specified on the command line and work in short-circuit fashion, i.e. if one extension yields false, evaluation will stop.

In this case the TCP match is being used.

What it does:

TCP matches

These matches are protocol specific and are only available when working with TCP packets and streams. To use these matches, you need to specify --protocol tcp on the command line before trying to use them. Note that the --protocol tcp match must be to the left of the protocol specific matches. These matches are loaded implicitly in a sense, just as the UDP and ICMP matches are loaded implicitly. The other matches will be looked over in the continuation of this section, after the TCP match section.
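An added example, not part of either answer and not iptables' own code: this Python script audits rule strings for the two points made above, that `-m tcp` is redundant next to `-p tcp` and that TCP-specific options need `-p tcp` to their left. The name `audit_rule` and the sample rules are constructed for illustration; `!` negation and numeric protocol values are assumed not to occur.

```python
import shlex

# Options provided by the tcp match extension, per iptables-extensions(8).
TCP_OPTS = {"--sport", "--source-port", "--dport", "--destination-port",
            "--tcp-flags", "--syn", "--tcp-option"}

def audit_rule(rule):
    """Return a list of findings for one iptables rule given as a string."""
    tokens = shlex.split(rule)
    findings = []
    proto_seen = None      # protocol named by -p so far, scanning left to right
    explicit_tcp = False   # True once "-m tcp" has been seen
    i = 0
    while i < len(tokens):
        tok = tokens[i]
        nxt = tokens[i + 1].lower() if i + 1 < len(tokens) else None
        if tok in ("-p", "--protocol") and nxt:
            proto_seen = nxt
            i += 1         # skip the protocol name
        elif tok in ("-m", "--match") and nxt:
            if nxt == "tcp":
                explicit_tcp = True
            i += 1         # skip the match name
        elif tok in TCP_OPTS and proto_seen != "tcp":
            # Ordering rule quoted in Solution 2: -p tcp must come first.
            findings.append(f"{tok}: no '-p tcp' to its left")
        i += 1
    if explicit_tcp:
        if proto_seen == "tcp":
            findings.append("-m tcp: redundant, '-p tcp' already loads the tcp match")
        else:
            findings.append("-m tcp: used without '-p tcp'")
    return findings

# Constructed sample rules (not taken from the question).
SAMPLE_RULES = [
    "-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT",
    "-A INPUT -p tcp --dport 443 -j ACCEPT",
    "-A INPUT --dport 80 -p tcp -j ACCEPT",
    "-A INPUT -p udp -m tcp --dport 53 -j DROP",
]

if __name__ == "__main__":
    for rule in SAMPLE_RULES:
        print(rule)
        for finding in audit_rule(rule) or ["ok"]:
            print("   ", finding)
```
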