Le mer 03/03/2004 à 02:04, bino-psn a écrit : > I think you made a better description .. thx.. > And .. How to implement it in side the rule ? > well ... How to let's say MARK any http-ACK coming via an interface ? You can also use conntrack engine. First packet of the connection has NEW state, others have ESTABLISHED one. -- http://www.netexit.com/~sid/ PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE >> Hi! I'm your friendly neighbourhood signature virus. >> Copy me to your signature file and help me spread!
