# Rules for a SANE (saned) scan server, in iptables-save format.
# Keep these rules close to the top of the INPUT chain: they are evaluated in
# order, and the last rule depends on the first one having run already.
# The leading [0:0] is the packet/byte counter field written by iptables-save.

# Track SANE control connections: if the packet's source address is already in
# the SANE list and was last seen within 600 seconds, refresh its "last seen"
# timestamp. There is no -j target, so this rule only has that side effect and
# the packet continues to the following rules.
# NOTE(review): the rule has no protocol or port match, so ANY packet from a
# listed source refreshes the entry, not only packets of the control connection.
[0:0] -A INPUT -m recent --update --seconds 600 --name SANE

# Related traffic (ACK, FIN, DNS UDP responses etc.)
[0:0] -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

# New control connection to the SANE port (TCP 6566): record the source address
# in the SANE list and accept the SYN.
# NOTE(review): there is no source restriction, so every host that can reach
# this machine may add itself to the list. Consider limiting this rule to the
# network that is meant to use the scanner, e.g. -s <TRUSTED_LAN_CIDR>.
[0:0] -A INPUT -p tcp -m tcp --dport 6566 --syn -m recent --set --rsource --name SANE -j ACCEPT

# The SANE server uses a dynamic data port (this rule matches 1024-65535).
# Accept a new connection to any such port when the source is in the SANE list
# and was last seen within 3 seconds. See also 'related traffic' on top!
# NOTE(review): the --update rule at the top runs first and refreshes the
# timestamp on this very SYN, so the 3-second check passes whenever that rule
# matched. In effect a source that has sent one SYN to 6566 can open
# connections to every TCP service listening on a port >= 1024 for as long as
# it sends a packet at least every 600 seconds. Make sure nothing sensitive
# listens on high ports, restrict the 6566 rule by source, or use the kernel's
# SANE connection-tracking helper (nf_conntrack_sane, where available) so that
# only the negotiated data port is accepted as RELATED and this rule can go.
[0:0] -A INPUT -p tcp -m tcp --dport 1024: --syn -m recent --rcheck --rsource --seconds 3 --name SANE -j ACCEPT