On Sun, Apr 01, 2007 at 03:39:30PM +0300, noa levy wrote: > Thanks! > I forgot to mention, though, that my source port for the SNMP informs is > also random, so I can't match against the destination port for the incoming > packet - does the recent target also maintain a port list or is it IP > addresses only? > From the iptables tutorial : iptables -A INPUT -m recent --name example --rsource The --rsource match is used to tell the recent match to save the source address and port in the recent list. This is the default behavior of the recent match. iptables -A INPUT -m recent --name example --rdest The --rdest match is the opposite of the --rsource match in that it tells the recent match to save the destination address and port to the recent list. http://iptables-tutorial.frozentux.net/iptables-tutorial.html#RECENTMATCH -- Franck Joncourt http://www.debian.org http://smhteam.info/wiki/ GPG server : pgpkeys.mit.edu Fingerprint : C10E D1D0 EF70 0A2A CACF 9A3C C490 534E 75C0 89FE
Attachment:
signature.asc
Description: Digital signature
