On Thu, Mar 14, 2002 at 04:23:45PM -0800, Americo Melara wrote: > On the other hand... if I have no rules to filter ip addresses, only one > rule to filter one TCP port, then the code for 'ip_packet_match()' will not > match anything, return a 1, and enter the "if statement" of 'ipt_do_table' > ... 'ipt_do_table' will execute the IPT_MATCH_ITERATE macro, wich jumps to > the function 'do_match' . How does IPT_MATCH_ITERATE know that you want to > filter a TCP port and not a MAC addresses? who carries this info (the 'e' > structure)?
Have you read chapter 4.1 and 4.2 of the netfilter hacking howto ? Just want to make sure you have read the available documentation before somebody starts explaining this on the list. > Thank you! > Americo -- Live long and prosper - Harald Welte / [EMAIL PROTECTED] http://www.gnumonks.org/ ============================================================================ GCS/E/IT d- s-: a-- C+++ UL++++$ P+++ L++++$ E--- W- N++ o? K- w--- O- M+ V-- PS++ PE-- Y++ PGP++ t+ 5-- !X !R tv-- b+++ !DI !D G+ e* h--- r++ y+(*)
