Eric Leblond wrote: >Hi, > >I'm trying to match the first packet of a connection : for a TCP >connection I want to match the first SYN packet received by the firewall >and ignore the possible reemission, in fact I want to accept them. > >Is this possible ? > >I've try to use the conntrack module but I was not successful. > >BR, > > The "tcp filter" Table Match Operations provide: -p tcp --syn Thomas
