Hi there,
I'm trying to negate the seconds match with ipt_recent like this:
iptables -A INPUT -p tcp --dport 1234 \
-m recent --rcheck --name LIST ! --seconds 60 --rttl \
-j ACCEPT
This should accept packets only if the source IP is in LIST and its
entry was last updated 60 seconds ago or before. I know, this is quite
strange a thing to do, but the documentation on
http://www.netfilter.org/documentation/HOWTO//netfilter-extensions-HOWTO-3.html#ss3.16
says it should work and it doesn't. Can someone here clear this up?
--
bye, Micha
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
