From: Abraham van der Merwe <abz@frogfoot.net>
To: lartc@vger.kernel.org
Subject: Re: [LARTC] matching ftp - how?
Date: Wed, 12 Mar 2003 21:25:18 +0000 [thread overview]
Message-ID: <marc-lartc-104750456826624@msgid-missing> (raw)
In-Reply-To: <marc-lartc-104747890714929@msgid-missing>
[-- Attachment #1: Type: text/plain, Size: 1189 bytes --]
Hi Eric!
> > iptables -A FORWARD -s $net -m conntrack --proto ftp
> > iptables -A FORWARD -s $net -m conntrack --proto irc
> > iptables -A FORWARD -s $net -m conntrack --proto h323
>
> To do so you can use the conmarck module (from iptable pom) : the mark
> of the packet is given following the conntrack. It's a bit tricky to use
> (you have to restore mark) but it do the job.
I take it you are talking about the connmark match. I don't see how you can
use that to track of the connection. All you can do is match/change packets
with a certain mark value. But how do you know what mark value is assigned
to packets matched by a specific connection tracking module. For example,
let's say I wanted to match h323 packets. How would I know what MARK value
to use?
--
Regards
Abraham
Children are like cats, they can tell when you don't like them. That's
when they come over and violate your body space.
___________________________________________________
Abraham vd Merwe - Frogfoot Networks CC
9 Kinnaird Court, 33 Main Street, Newlands, 7700
Phone: +27 21 686 1674 Cell: +27 82 565 4451
Http: http://www.frogfoot.net/ Email: abz@frogfoot.net
[-- Attachment #2: Type: application/pgp-signature, Size: 232 bytes --]
next prev parent reply other threads:[~2003-03-12 21:25 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-03-12 14:18 [LARTC] matching ftp - how? Abraham van der Merwe
2003-03-12 15:03 ` Eric Leblond
2003-03-12 15:45 ` Ethy H. Brito
2003-03-12 21:25 ` Abraham van der Merwe [this message]
2003-03-13 7:50 ` Eric Leblond
2003-03-15 21:12 ` Eric Leblond
2003-03-17 20:17 ` Ethy H. Brito
2003-03-17 20:30 ` Manuel Samper
2003-03-17 22:28 ` Eric Leblond
2003-03-18 11:26 ` Eric Leblond
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=marc-lartc-104750456826624@msgid-missing \
--to=abz@frogfoot.net \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.