> Just browsing the maillist archives will provide plenty of examples. > But since you asked: > - log invalid access to specif ports or from > specific hosts/nets (possibly with Harald's ULOG patch) > - general firewalling issues (blocking access to services) > - access control (user authentication implicates in adding rules > and enabling traffic from inside/out or vice-versa)
They key feature of iptables would be its modularity. You can write modules that suit your needs. Like IPV4OPTSSTRIP, it is a great example of writing your own modules and adding extra functionality. Regards, Maciej Soltysiak
