From mboxrd@z Thu Jan 1 00:00:00 1970
From: Pascal Hambourg
Subject: Re: Quick help with NOTRACK rule
Date: Wed, 14 Aug 2013 09:57:52 +0200
Message-ID: <520B3880.1090301@plouf.fr.eu.org>
References: <520AB9DF.7060207@gmail.com>
Mime-Version: 1.0
Content-Transfer-Encoding: QUOTED-PRINTABLE
Return-path:
In-Reply-To: <520AB9DF.7060207@gmail.com>
Sender: netfilter-owner@vger.kernel.org
List-ID:
Content-Type: text/plain; charset="iso-8859-1"
To: netfilter@vger.kernel.org

Hello,

Alex Flex wrote:
>
> I also tried adding one more rule iptables -t raw -A INPUT -p tcp
> --sport 22 -j NOTRACK but i get
> iptables: No chain/target/match by that name.

Please read the iptables man page about the raw table:

    It provides the following built-in chains:
    PREROUTING (for packets arriving via any network interface)
    OUTPUT (for packets generated by local processes)

Also, you want to match incoming packets with destination port 22, not
source. So:

iptables -t raw -A PREROUTING -p tcp --dport 22 -j NOTRACK