* State RELATED and more then one conntrack helper
@ 2004-12-21 8:02 lst_hoe01
2004-12-21 10:04 ` Cedric Blancher
0 siblings, 1 reply; 2+ messages in thread
From: lst_hoe01 @ 2004-12-21 8:02 UTC (permalink / raw)
To: netfilter
Hello
we have the following rule fpr ftp in our iptables rule
iptables -A INPUT -p tcp --dport 1023: -m state --state RELATED -j ACCEPT
As far as i can tell from the docu this matches for every module with RELATED
states ip_conntrack_ftp, ip_conntrack_irc and maybe others...
Is there a possibility to limit this matching to only a special module??
Thanxs
Regards
Andreas
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: State RELATED and more then one conntrack helper
2004-12-21 8:02 State RELATED and more then one conntrack helper lst_hoe01
@ 2004-12-21 10:04 ` Cedric Blancher
0 siblings, 0 replies; 2+ messages in thread
From: Cedric Blancher @ 2004-12-21 10:04 UTC (permalink / raw)
To: lst_hoe01; +Cc: netfilter
Le mardi 21 décembre 2004 à 09:02 +0100, lst_hoe01@kwsoft.de a écrit :
> Is there a possibility to limit this matching to only a special module??
See helper match.
helper match v1.2.11 options:
[!] --helper string Match helper identified by string
So restricting to ftp helper :
-m helper --helper ftp
--
http://www.netexit.com/~sid/
PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE
>> Hi! I'm your friendly neighbourhood signature virus.
>> Copy me to your signature file and help me spread!
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2004-12-21 10:04 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2004-12-21 8:02 State RELATED and more then one conntrack helper lst_hoe01
2004-12-21 10:04 ` Cedric Blancher
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox