From mboxrd@z Thu Jan  1 00:00:00 1970
From: "Ethy H. Brito" <ethy@inexo.com.br>
Date: Wed, 12 Mar 2003 15:45:47 +0000
Subject: Re: [LARTC] matching ftp - how?
Message-Id: <marc-lartc-104748400526839@msgid-missing>
List-Id: <lartc.vger.kernel.org>
References: <marc-lartc-104747890714929@msgid-missing>
In-Reply-To: <marc-lartc-104747890714929@msgid-missing>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: lartc@vger.kernel.org

On 12 Mar 2003, Eric Leblond wrote:

> On Wed, 2003-03-12 at 15:18, Abraham van der Merwe wrote:
> > iptables -A FORWARD -s $net -m conntrack --proto ftp
> > iptables -A FORWARD -s $net -m conntrack --proto irc
> > iptables -A FORWARD -s $net -m conntrack --proto h323
> 
> To do so you can use the conmarck module (from iptable pom) : the mark
> of the packet is given following the conntrack. It's a bit tricky to use
> (you have to restore mark) but it do the job.

This also interests me. Is there any HOWTO or URL to enlight this?

Ethy H. Brito         /"\
InterNexo Ltda.       \ /  CAMPANHA DA FITA ASCII - CONTRA MAIL HTML
(012) 3941-6860        X   ASCII RIBBON CAMPAIGN - AGAINST HTML MAIL
Sao Jose dos Campos   / \

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/