putting together a tutorial on this stuff has made me really read the docs closely, so another couple of nits to pick: 1) the man page opens with a list of options, including iptables -[ADC] ... what's with the "-C"? i know of no such option, and "iptables -h" doesn't mention it. 2) the man page also mentions the state match -m pkttype --pkt-type ... was it deliberate to spell "pkttype" in two subtly different ways here? that seems just a recipe for confusion. rday
