On Wed, 2003-03-12 at 15:18, Abraham van der Merwe wrote: > iptables -A FORWARD -s $net -m conntrack --proto ftp > iptables -A FORWARD -s $net -m conntrack --proto irc > iptables -A FORWARD -s $net -m conntrack --proto h323 To do so you can use the conmarck module (from iptable pom) : the mark of the packet is given following the conntrack. It's a bit tricky to use (you have to restore mark) but it do the job. -- Eric Leblond <eric@xxxxxxxxx> Regit.org
Attachment:
signature.asc
Description: This is a digitally signed message part
