Grant, This all makes complete sense. I should have everything I need now to make this work. What you have suggested is exactly what I wanted to do anyways. I just wanted to make sure that my overall understanding of the raw table was correct. > Well the idea that I was after was that you explicitly handle anything > except what you know to (likely) be valid traffic in such a way that it > will not be connection tracked and ultimately TARPITed. Thus if you have > multiple valid source IP / port combinations you would want to do a series > of ACCEPT targets. Gary Wayne Smith
