On Wednesday 2011-06-08 16:57, Karl Heiss wrote: > >For the xt_recent module, I will be updating the module to support >matching by destination IP, source-port and destination port. Port >matching would be supported via the '--rsport' and '--rdport' flags, >and would default to the current behavior of matching IP only if >neither is specified. > >Many might be wondering why I choose to include matching by >destination IP since it appears that xt_recent matches destinations >using --rdest. However, xt_recent does not appear to differentiate >between source and destination addresses within it's entry tables. You could use two separate tables, which has the same effect as storing entries with a unique key of <saddr-or-daddr-bit, addr> in a single table, unless I missed something. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
