Hey, can somebody tell, what's the difference between the conntrack and the state match? For example in the following two lines: $IPTABLES -A INPUT -i $INT -s $INT_NET -m state --state ESTABLISHED -j ACCEPT $IPTABLES -A INPUT -i $INT -s $INT_NET -m conntrack --ctstate ESTABLISHED -j ACCEPT
conntrack takes ctproto as option: What protocols can be specified? Only layer 4 (e.g. tcp) or also layer 7 (e.g. ftp)? Regards Frank -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
