On 08/11/08 14:55, Jan Engelhardt wrote:
Eww no, don't do that. Though Netfilter is written like that, there
is no hard guarantee that only first packets are seen. (Like, we
forget to take our medication and all packets go through the
then-semi-stateless nat table ;-) Better use -m conntrack --ctstate
NEW -j ULOG.
*nod*
So technically it /would/ work, but it would also be bad form to do it
that way.
Grant. . . .
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
