Thanks, and I know that nearly all of the options are listed in the manpage, but I'm also looking for an article of some sort that explains what options best to use for what kind of situations. A bit more background info on specific options. I would like to extend the scripts I'm using for specific situations.

Cheers,

Arnoud

-----Original Message-----
From: netfilter-owner@xxxxxxxxxxxxxxx [mailto:netfilter-owner@xxxxxxxxxxxxxxx] On Behalf Of Andrew Beverley
Sent: Tuesday 31 January 2012 18:23
To: Arnoud Tijssen
Cc: netfilter@xxxxxxxxxxxxxxx
Subject: Re: Extended IPTables options

On Mon, 2012-01-30 at 08:40 +0100, Arnoud Tijssen wrote:
> I'm looking for the more sophisticated options of iptables/netfilter
> like: connmark, quota, qos, recent, netmap, tos, ulog, clustering and
> failover etc etc.

Have you tried the iptables man page? Personally I think that's pretty well written and a good place to start. If you've got any specific questions then feel free to post to this list.

> Is it possible to create a modular setup with iptables that offers the
> possibility to reload a specific part of the iptables rulebase instead
> of the entire rulebase.

You can add and remove rules "on the fly". There's no need to reload the whole ruleset. Use "iptables -L --line-numbers" to see all your rules with associated rule number, and then use the "-D" command with that number to delete as required.

Andy

--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
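An added example, not part of the original thread, for the delete-by-number approach in Andrew Beverley's reply: rule numbers shift down after every deletion, so this sketch emits the "-D" commands from the highest number to the lowest. The listing is constructed sample output, and the function names and addresses are assumptions for illustration.

```shell
# Constructed sample of `iptables -L INPUT -n --line-numbers` output.
sample_listing() {
cat <<'EOF'
Chain INPUT (policy DROP)
num  target     prot opt source               destination
1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
2    ACCEPT     tcp  --  192.0.2.10           0.0.0.0/0            tcp dpt:22
3    DROP       all  --  198.51.100.7         0.0.0.0/0
4    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:80
5    DROP       all  --  198.51.100.7         0.0.0.0/0
EOF
}

# rule_numbers SRC: read a listing on stdin and print the numbers of rules
# whose source column equals SRC exactly, highest number first.
# Assumes every rule has a target, so the source is the fifth column.
rule_numbers() {
    awk -v src="$1" '$1 ~ /^[0-9]+$/ && $5 == src { print $1 }' | sort -rn
}

# delete_commands CHAIN SRC: print one `iptables -D CHAIN N` per match.
# Highest number first, so an earlier deletion never renumbers a rule
# that is still waiting to be deleted.
delete_commands() {
    chain=$1
    rule_numbers "$2" | while read -r n; do
        printf 'iptables -D %s %s\n' "$chain" "$n"
    done
}

# Dry run against the constructed listing. On a live system, feed it
# `iptables -L INPUT -n --line-numbers` and review the output before running it.
sample_listing | delete_commands INPUT 198.51.100.7
```

Deleting rule 3 first would turn rule 5 into rule 4, and a following "-D INPUT 5" would then fail or hit the wrong rule; the descending order avoids that.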