On Thu, 20 Mar 2003, Carlos Villegas wrote: > iptables IS stateful. Doesn't anyone read the docs anymore :)
I just checked and iptables still doesn't do correct TCP window tracking (real stateful TCP packet giltering [1]) by default. You have to apply a patch for it to do so: http://www.netfilter.org/documentation/pomlist/pom-extra.html#tcp-window-tracking > On Thu, 20 Mar 2003, Jett Tayer wrote: > > Linux has its own packet filtering mechanism. checkout www.netfilter.org > > though not as stateful as our ipfilter :) > > > > Ayon sa chikka ni Phil Dibowitz noong Thursday 20 March 2003 14:02, ay ganito > > ang kanyang sinabi: > > > Dave Mehler wrote: > > > > Hello, > > > > Does anyone have ipfilter running under Linux? If so, can you tell me > > > > how you got it working. > > > > Thanks. > > > > Dave. > > > > > > Iy doesn't work on linux... unless your running 2.0.x... in which case > > > you might as well jsut give up right now. > > > > > > Doesn't anyone read the docs anymore? [1] http://www.iae.nl/users/guido/papers/tcp_filtering.ps.gz Cheers, Dries -- Dries Schellekens email: [EMAIL PROTECTED]
