Re: Question about iptables and maximum file size

Linux Advanced Routing and Traffic Control

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Friday, 31 October 2003, at 12:15:54 +0200,
The Codrinus wrote:

> I would like to know if there is any possibility to select from iptables  the 
> files with maximum size of 300 kbytes and send them to a proxy server.
> As I know until now you can only mark files with maximum size of 64 kbytes.
> 
iptables only knows about layer 2, 3 and 4. Files and their sizes is a
layer 7 thing, and depends entirely on the application protocol used to
transfer them (SMB, CIFS, NFS, FTP, HTTP, SSH, etc.).

So the short answer is no, you can't select packages based on file
sizes, it doesn't make any sense. But you obviously can select IP packages
based on their size (match "length"). However, remember that MTU in
normal layer 2 networks, typically ethernet, have a value of 1500 bytes,
so I think in normal conditions you will not see any packages larger
than that (except if you use jumboframes, FR or the like).

-- 
Jose Luis Domingo Lopez
Linux Registered User #189436     Debian Linux Sid (Linux 2.6.0-test9-mm1)
_______________________________________________
LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

[Index of Archives]     [LARTC Home Page]     [Netfilter]     [Netfilter Development]     [Network Development]     [Bugtraq]     [GCC Help]     [Yosemite News]     [Linux Kernel]     [Fedora Users]
  Powered by Linux