Hi, If i use advanced string matching capability of iptables, will it work without connection tracking ? If it doesn't work, then it s stateful and whats the difference between 2 cases when i do the following 2 things, 1) Use string matching on URL strings without L7 patch 2) Use L7 filter to match URL strings without using ipatable string matching feature. is this 2 features are going to be consolidated as the iptable core in some way or L7 patch remains as an independent work ? My goal here is to convert my Linux box as an Application layer gateway with application specific bandwidth provisioning, redirection, cache. i would greatly appreciate your thoughts. -- Best regards, Peter Chacko -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
