Hi all- I'm about to become a migrated iptables user, but I had a couple of questions about the stateful abilities of netfilter. First, it appears that true sequence number analysis is available via this "patch-o-matic" thingy. At what point does this feature become part of the default release? Also, does netfilter support any sort of sequence modulation to strengthen the randomness of weak tcp implementations? Thanks, Jason
