> I would like for when I ssh to a remote server, that iptables automatically
> opens the ident port on the workstation to that remote server, and after a
> connection is made, to automatically close it back up again.
> Is this possible???
That is exactly what the "conntracking and NAT helpers" are doing for
protocols like FTP, where they permit a data connection when they see a PORT
command within the control connection.

You have to program this yourself, as an in-kernel module. You can take
existing helpers for reference. If you want to go that way, and you have
specific questions, best subscribe to the netfilter-devel mailing list.

best regards
Patrick

(btw, I reformatted your lines to be under 80 characters long. Please do that
yourself in the future)
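The mechanism Patrick describes, a helper watching one connection and registering a one-shot "expectation" that lets a single related connection through, can be modelled in user space to see how the pieces fit. The following is an added example, not code from the thread or from netfilter itself: a toy firewall model with an FTP helper that parses the PORT command, plus a hypothetical ident helper that does what the question asks for. The addresses (10.0.0.5, 203.0.113.x), the 30 second timeout and the Packet/Expectation types are all constructed for illustration; a real helper lives in the kernel and hooks into the conntrack expectation table instead of a Python list.

```python
# Added example (not from the thread): a user-space toy model of how a
# netfilter conntrack helper turns an observation on one connection into a
# short-lived expectation that admits exactly one related connection.
# Addresses, ports and the ident helper itself are constructed for illustration.
import re
from dataclasses import dataclass
from typing import Callable, List

WORKSTATION = "10.0.0.5"            # constructed: the protected host
PORT_RE = re.compile(rb"PORT (\d+),(\d+),(\d+),(\d+),(\d+),(\d+)")


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    syn: bool = False               # True for the first packet of a TCP flow
    payload: bytes = b""


@dataclass
class Expectation:
    src: str                        # peer allowed to open the related flow
    dst: str
    dport: int
    expires_at: float


class HelperModel:
    def __init__(self, timeout: float = 30.0):
        self.timeout = timeout
        self.now = 0.0              # simulated clock, seconds
        self.expectations: List[Expectation] = []
        self.helpers: List[Callable[[Packet], None]] = [self.ftp_helper, self.ident_helper]

    def tick(self, seconds: float) -> None:
        """Advance the clock; unused expectations simply expire."""
        self.now += seconds
        self.expectations = [e for e in self.expectations if e.expires_at > self.now]

    def expect(self, src: str, dst: str, dport: int) -> None:
        self.expectations.append(Expectation(src, dst, dport, self.now + self.timeout))

    def ftp_helper(self, pkt: Packet) -> None:
        """Active FTP: 'PORT h1,h2,h3,h4,p1,p2' on the control channel announces
        where the server may connect back for the data connection."""
        if pkt.dport != 21:
            return
        m = PORT_RE.match(pkt.payload)
        if not m:
            return
        n = [int(x) for x in m.groups()]
        announced_ip = ".".join(map(str, n[:4]))
        announced_port = n[4] * 256 + n[5]
        # Do not open a hole toward a third party: the announced address must be
        # the client's own. (The kernel FTP helper also refuses this unless its
        # "loose" parameter is set.)
        if announced_ip != pkt.src:
            return
        self.expect(pkt.dst, announced_ip, announced_port)

    def ident_helper(self, pkt: Packet) -> None:
        """Hypothetical helper for the question in the thread: a new outbound
        ssh connection lets that one server connect back to ident (113)."""
        if pkt.syn and pkt.dport == 22:
            self.expect(pkt.dst, pkt.src, 113)

    def process(self, pkt: Packet) -> str:
        """Verdict for one packet: outbound traffic passes and feeds the helpers;
        an inbound SYN passes only by consuming a matching expectation."""
        self.tick(0)                # purge expired entries first
        if pkt.src == WORKSTATION:
            for helper in self.helpers:
                helper(pkt)
            return "ACCEPT"
        for e in self.expectations:
            if (e.src, e.dst, e.dport) == (pkt.src, pkt.dst, pkt.dport):
                self.expectations.remove(e)     # one-shot: the pinhole closes
                return "ACCEPT"
        return "DROP"


def demo() -> List[str]:
    """Walk through the thread's ssh/ident scenario and return the verdicts."""
    fw = HelperModel(timeout=30.0)
    server = "203.0.113.7"          # constructed remote ssh server
    return [
        fw.process(Packet(WORKSTATION, 40000, server, 22, syn=True)),        # ACCEPT
        fw.process(Packet(server, 51000, WORKSTATION, 113, syn=True)),       # ACCEPT, pinhole used
        fw.process(Packet(server, 51001, WORKSTATION, 113, syn=True)),       # DROP, already closed
        fw.process(Packet("198.51.100.9", 5, WORKSTATION, 113, syn=True)),   # DROP, never expected
    ]


if __name__ == "__main__":
    print(demo())
```

The two properties worth noticing are that the expectation is consumed by the first matching connection, so the port is "closed back up" without any explicit rule removal, and that it expires on its own if the remote side never connects. The third-party check in the FTP helper is the part that keeps a helper from being turned into a general hole-punching service.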
