You are right, -p !tcp matches all but TCP, please note tho' that most users probably NEVER use these and as such it's hardly worth mentioning them. ! means not, not tcp is well, not tcp :-) Docs are to be taken with a grain of salt...

In addition to this, I read a book on C++ a little while. They are purists :-) (the writers that is). They wrote something along the lines of pure_sort() sorts in non-decreasing order, we say non-decreasing instead of increasing because there might be duplicates (thus variables have the same value, technically that's not increasing but it's kinda obvious ain't it? :-))

-----Original message-----
From: Robert P. J. Day [mailto:rpjday@mindspring.com]
Sent: Wednesday, 9 October 2002 12:22
To: netfilter mailing list
Subject: confusing explanation regarding negation of protocol filtering

(sorry if these are painfully trivial questions, but sometimes the docs just don't seem to be consistent.)

based on both the man page and andreasson's tutorial, i can filter on protocol with some variation of

  -p tcp
  -p udp
  -p udp,icmp
  -p ! tcp
  -p <some protocol number here>

and so on. while the common filtering protocols are of course tcp, udp and icmp, there are far more listed in /etc/protocols that can be selected by name or number.

so it's a bit puzzling that andreasson's tutorial claims that "--protocol ! tcp would mean to match the ICMP and UDP protocols." really? i would have assumed it would have matched *every* other protocol but TCP. am i misunderstanding the function of the "!" with respect to protocol?

rday
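The matching rule discussed in this thread, as an added example that is not part of either message and is not iptables code: a small model of `-p [!] <name|number>` evaluated against a constructed excerpt in /etc/protocols format, showing that a negated match covers every listed protocol except the named one. All function names are hypothetical.

```python
# Constructed excerpt in /etc/protocols format: name, number, aliases, comment.
SAMPLE_PROTOCOLS = """\
icmp    1    ICMP       # internet control message protocol
tcp     6    TCP        # transmission control protocol
udp     17   UDP        # user datagram protocol
gre     47   GRE        # generic routing encapsulation
esp     50   IPSEC-ESP  # encapsulating security payload
sctp    132  SCTP       # stream control transmission protocol
"""

def parse_protocols(text):
    """Map every name and alias (lowercased) to its protocol number."""
    table = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2:
            continue  # blank or comment-only line
        for name in [fields[0]] + fields[2:]:
            table[name.lower()] = int(fields[1])
    return table

def parse_spec(spec, table):
    """Parse a -p argument such as 'tcp', '! tcp', '!tcp', '17' or 'all'.
    Returns (number, inverted); number 0 stands for 'all'."""
    spec = spec.strip()
    inverted = spec.startswith("!")
    name = spec.lstrip("!").strip().lower()
    if name == "all":
        number = 0
    elif name.isdigit():
        number = int(name)
    elif name in table:
        number = table[name]
    else:
        raise ValueError("unknown protocol: %r" % name)
    if inverted and number == 0:
        raise ValueError("a negated 'all' could never match")
    return number, inverted

def matches(spec, packet_proto, table):
    """True if a packet carrying protocol number packet_proto matches spec."""
    number, inverted = parse_spec(spec, table)
    if number == 0:
        return True
    return (packet_proto == number) != inverted

def matched_numbers(spec, table):
    """Sorted protocol numbers from the table that spec would match."""
    return sorted(n for n in set(table.values()) if matches(spec, n, table))

if __name__ == "__main__":
    protocols = parse_protocols(SAMPLE_PROTOCOLS)
    print(matched_numbers("! tcp", protocols))
```

With this table, `! tcp` matches GRE, ESP and SCTP as well as ICMP and UDP, so a rule written with a negated protocol needs to be reviewed against everything the host can receive, not just the three common protocols.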