On Tue, Jan 22, 2002 at 07:52:30PM -0500, Brad Spengler wrote: > I've just tried my hand at writing an iptables module. It's a match > module that matches SYNs sent to unserved TCP ports and datagrams sent > to unserved UDP ports. Since doing something like this is impossible > with regular iptables rules, would a module like this be accepted into > the patch-o-matic list for iptables? Comments/questions welcome
Hi Brad. I suppose this was the mail you were referring to when we met yesterday? I can now tell you because it was lost: - Subject didn't really say anything about what the module was - you didn't include the code in the email. This might be different with other projects, but in the netfilter project [and as well as the netdev and linux-kernel lists] this is the preferred method. It's really unfortunate that we lost this important contribution because of this :( Anyway, please send your module as patch-o-matic patch, if possible. We'd certainly like to include it. > -Brad > http://grsecurity.net -- Live long and prosper - Harald Welte / [EMAIL PROTECTED] http://www.gnumonks.org/ ============================================================================ GCS/E/IT d- s-: a-- C+++ UL++++$ P+++ L++++$ E--- W- N++ o? K- w--- O- M- V-- PS+ PE-- Y+ PGP++ t++ 5-- !X !R tv-- b+++ DI? !D G+ e* h+ r% y+(*)
