On Mon, Jun 24, 2002 at 03:47:49PM +0200, Maciej Soltysiak wrote:
> > 1. You can't. Netfilter / IPtables works by port number, not by content, so
> > you can only filter by port number.
> Hmm, maybe you could...
> Look:
> 1. look for an opening packet with ssh connection characteristics, say a
> version string and mark packets, use recent module, put them to a
> separate chain. something like that.

Yes. Very expensive though and not foolproof in case of fragments.

Ramin

> 2. filter by port number.
>
> What do you think?
>
> Maciej
>
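
Added example, not part of the original messages and not netfilter code: a user-space Python model of the version-string idea discussed above, showing why a per-packet match misses an SSH identification line that arrives split across two packets and what per-flow buffering costs to catch it. The names `per_packet_match`, `FlowClassifier` and `MAX_PREFIX`, the 1024-byte limit and the sample addresses and payloads are assumptions constructed for illustration.

```python
import re

# RFC 4253 identification line: SSH-<protoversion>-<softwareversion>[ SP comments] CR LF
BANNER = re.compile(rb"^SSH-(\d+\.\d+)-([\x21-\x7e]+?)(?: [^\r\n]*)?\r?\n", re.M)
MAX_PREFIX = 1024  # assumption: give up on a flow after this many bytes


def per_packet_match(payload: bytes) -> bool:
    """Stateless check: sees one packet payload at a time."""
    return BANNER.search(payload) is not None


class FlowClassifier:
    """Buffers the start of each flow so a banner split across packets is seen."""

    def __init__(self):
        self.prefix = {}   # flow key -> bytes buffered so far
        self.verdict = {}  # flow key -> "ssh" or "other"

    def feed(self, flow, payload: bytes) -> str:
        if flow in self.verdict:
            return self.verdict[flow]
        buf = self.prefix.pop(flow, b"") + payload
        if BANNER.search(buf):
            self.verdict[flow] = "ssh"
        elif len(buf) >= MAX_PREFIX:
            self.verdict[flow] = "other"
        else:
            self.prefix[flow] = buf
            return "undecided"
        return self.verdict[flow]


# Constructed sample traffic: one SSH banner on a non-standard port, split in two.
FLOW = ("192.0.2.10", 40222, "192.0.2.20", 2222)
SEGMENTS = [b"SSH-2.0-Open", b"SSH_3.4p1\r\n"]

if __name__ == "__main__":
    print([per_packet_match(s) for s in SEGMENTS])   # stateless view
    fc = FlowClassifier()
    print([fc.feed(FLOW, s) for s in SEGMENTS])      # buffered view
```

The buffered classifier holds up to `MAX_PREFIX` bytes of state for every undecided flow, which is the expense of content matching compared with a port rule.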
