>NOTRACK is valid in the raw table alone. If you want a generic "NOTRACK
>and TARPIT everything which is not allowed", then that I think won't go.

Would it work to have a -t filter-capable NOTRACK target?

Jan Engelhardt
--
| Gesellschaft fuer Wissenschaftliche Datenverarbeitung Goettingen,
| Am Fassberg, 37077 Goettingen, www.gwdg.de