Hello,

I've stumbled on this mail on the list:
http://lists.netfilter.org/pipermail/netfilter/2004-November/056947.html

But I still haven't found any solutions for these two problems:

The second method, sterilizing IP header information and stripping unneeded TCP flags would successfully undermine this scheme.

For the last method, counting hosts behind a router. Stripping the fragmentation flag for SYN packets, and setting the IP ID to '0', (like Linux and FreeBSD both do) would make it impossible to count hosts behind a NAT router.

Any ideas how to do that on 2.6 and latest netfilter?

--
Regards,
Artūras Šlajus
--
Skype: arturaz_
ICQ: 157929934
Jabber: arturaz@xxxxxx
IRC: arturaz @ irc.data.lt, irc.freenode.net, irc.lcirc.net
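
The host-counting method mentioned above works when each host behind the NAT stamps its packets from its own incrementing IP ID counter. The following added example (not part of the original post or the linked mail) groups constructed IP ID values into per-host sequences and shows that the count collapses once every ID is rewritten to 0. The function names, thresholds and sample values are assumptions made for illustration.

```python
# Added illustration: constructed data, hypothetical helper names.
MOD = 1 << 16  # the IPv4 Identification field is 16 bits


def count_hosts(ip_ids, max_gap=16, min_len=3):
    """Estimate how many hosts sit behind a NAT from observed IP IDs.

    Each ID joins the sequence whose last value it follows most closely
    (forward distance 1..max_gap, modulo 2**16); otherwise it starts a
    new sequence. Sequences with at least min_len packets count as one
    host each. max_gap and min_len are assumed tuning values.
    """
    sequences = []  # each entry: [last_id_seen, packet_count]
    for ip_id in ip_ids:
        best = None
        for seq in sequences:
            gap = (ip_id - seq[0]) % MOD
            if 1 <= gap <= max_gap and (best is None or gap < best[0]):
                best = (gap, seq)
        if best is None:
            sequences.append([ip_id, 1])
        else:
            best[1][0] = ip_id
            best[1][1] += 1
    return sum(1 for _, count in sequences if count >= min_len)


def scrub(ip_ids):
    """Model a gateway that rewrites every forwarded IP ID to 0."""
    return [0 for _ in ip_ids]


# Constructed capture as seen outside the NAT: three hosts interleaved,
# one counter near 100, one near 40000, one wrapping from 65534 to 2.
CAPTURE = [100, 40000, 65534, 101, 40001, 65535, 102, 40003,
           0, 104, 40004, 1, 105, 2]

if __name__ == "__main__":
    print("hosts seen, raw IDs:     ", count_hosts(CAPTURE))
    print("hosts seen, scrubbed IDs:", count_hosts(scrub(CAPTURE)))
```

Rewriting the ID is only safe for packets that will not be fragmented, since fragment reassembly depends on that field.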