From: Abraham van der Merwe
Date: Wed, 12 Mar 2003 21:25:18 +0000
Subject: Re: [LARTC] matching ftp - how?
To: lartc@vger.kernel.org

Hi Eric!

> > iptables -A FORWARD -s $net -m conntrack --proto ftp
> > iptables -A FORWARD -s $net -m conntrack --proto irc
> > iptables -A FORWARD -s $net -m conntrack --proto h323
>
> To do so you can use the conmarck module (from iptable pom): the mark
> of the packet is given following the conntrack. It's a bit tricky to use
> (you have to restore mark) but it does the job.

I take it you are talking about the connmark match. I don't see how you can
use that to keep track of the connection. All you can do is match/change
packets with a certain mark value. But how do you know what mark value is
assigned to packets matched by a specific connection tracking module?

For example, let's say I wanted to match h323 packets. How would I know what
MARK value to use?

--
Regards
 Abraham

Children are like cats, they can tell when you don't like them. That's when
they come over and violate your body space.
___________________________________________________
 Abraham vd Merwe - Frogfoot Networks CC
 9 Kinnaird Court, 33 Main Street, Newlands, 7700
 Phone: +27 21 686 1674 Cell: +27 82 565 4451
 Http: http://www.frogfoot.net/ Email: abz@frogfoot.net

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/