On 12/22/05, Oscar Mechanic <oscar@xxxxxxxxxxxxxxx> wrote:
Maybe I misread, or summit I do not know about ARM.
Using FORWARD as example
but iptables -L FORWARD -vn --line-numbers
then doing a
iptables -D FORWARD <LINENUMBER> (to remove (yes, there is a milliseconds
delay before the match starts happening))
and
iptables -I FORWARD <LINENUMBER> -m <SUMMIT> -j <SUMMIT>
No need to flush. You can even do the -I then the -D so you miss less
pkts. I must have got it wrong, too obvious from man iptables.
Happy Christmas, people of the Packets.
On Thu, 2005-12-22 at 14:55 -0500, Jody Shumaker wrote:
> The iptables list of rules is read top to bottom, what is the problem
> with this? I have my script flush the table, then add everything in
> the order I want it in. The only case this might be a problem is where
> you want to insert a rule at a specific spot in the order, without
> flushing the table and causing it to momentarily not exist. Right now
> I don't think that is possible.
>
> - Jody
>
> On 12/18/05, Marius Corici <coricim@xxxxxxxxx> wrote:
> Hello
>
> I have some rules inserted in the NAT table dual SNAT and DNAT
> for a connection
> They use at some moment the same port of the outside network.
>
> The problem I have is that the connection tracking in the
> kernel checks first the oldest rule and then the newest one.
> I use a system based on ARM XScale processor. Is that the
> default behaviour and how can I change this behaviour?
>
> Marius
>
> _______________________________________________
> LARTC mailing list
> LARTC@xxxxxxxxxxxxxxx
> http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
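
The insert-then-delete ordering from the reply above, as an added example that is not part of the original thread. The function name swap_rule and the IPT variable are assumptions made for illustration; with IPT unset the function only prints the iptables commands it would run.

```shell
#!/bin/sh
# Added example: replace the rule at line N of a chain without flushing it.
# IPT is a hypothetical knob: unset means dry run (commands are printed);
# set IPT=iptables to apply the change for real (needs root).

swap_rule() {
    # usage: swap_rule CHAIN LINENUMBER new-rule-spec...
    [ "$#" -ge 3 ] || { echo "usage: swap_rule CHAIN N RULE..." >&2; return 2; }
    chain=$1
    n=$2
    shift 2
    # Accept only a positive decimal line number without leading zeros.
    case $n in
        ''|*[!0-9]*|0*) echo "line number must be a positive integer" >&2; return 2 ;;
    esac
    # Insert the new rule first, so the chain never lacks a rule at this
    # position. Rules are read top to bottom, so the new one matches first.
    ${IPT:-echo iptables} -I "$chain" "$n" "$@" || return 1
    # The insert pushed the old rule down by one line: delete it from N+1.
    ${IPT:-echo iptables} -D "$chain" "$((n + 1))"
}

# Dry run on constructed sample values:
# swap_rule FORWARD 3 -p tcp --dport 22 -j ACCEPT
```

Check the line number with iptables -L FORWARD -vn --line-numbers immediately before calling it, since the number is only valid until the chain changes. iptables -R CHAIN N <rule> performs the same replacement in a single call.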