Pablo Neira Ayuso wrote:
I mainly need conntrack event filtering capabilities by:
* protocol states, so that one can replicate TCP Established and
whatever state in the connection closure (or even the destroy event), I
don't need state transitions.
* source address and destination, so that the administrator can
replicate traffic for certain parts of the networks, eg. 192.168.0.0/24
Well, also other descriptors such as the layer 4 protocol number, etc...
I mean, similar descriptors to filter that are available in iptables.
--
"Los honestos son inadaptados sociales" -- Les Luthiers
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
