
    /sbin/iptables --new-chain state_chk
    # Allow any already established or related connection
    /sbin/iptables --append state_chk -m state --state ESTABLISHED,RELATED -j ACCEPT

    # We filter all input and forwarded traffic this way
    /sbin/iptables --append INPUT -j state_chk
    /sbin/iptables --append FORWARD -j state_chk
