Some packets are flagged as INVALID by iptables

When `iptables` flags packets as "INVALID," it typically means that the packet doesn't match any known or expected state in the connection tracking table. This often happens when the firewall sees packets that don't fit within the context of existing connections. Here are a few common reasons why packets might be flagged as "INVALID":

1. **Out-of-Order Packets:** In some cases, packets may arrive out of order, and the firewall doesn't recognize how they fit into an established connection. This can happen with some network protocols.
2. **Fragmentation Issues:** If a packet is fragmented and the firewall can't reassemble the fragments correctly, it may flag the packet as "INVALID."
3. **Stateful Inspection:** Some stateful firewalls are very strict about the sequence and nature of packets in a connection. If a packet doesn't fit within the expected sequence, it can be marked as "INVALID."
4. **Network Anomalies:** Network anom