On Thu, Jun 27, 2002 at 08:53:19PM +0200, Patrick Schaaf wrote: > Hi Ramin,
Hi Patrick, > > > Does anyone have a good solution to catch the third (ACK) packet > > in a tcp connection setup? > > Maybe you could use the CONNMARK patch, found in patch-o-matic? > Mark the conntrack one way for the first packet of a new connection, > and later match on that mark, changing it to something else when that > match hits. Hmm, OK, interesting. I was thinking to play with Stephen's excellent module (recent) to acomplish this but I just wanted to have all the options open. I'll definitely dig into this solution as well :-) > Thanks for a nice idea from the "how do I bend iptables into a > programming language" department. :-) Well, you know, I'm not a kernel guy; not that I can't be one but I'd leave it to the gurus we have out there. I'm just trying to gather enough available building blocks to do my things easily :-) Ramin > best regards > Patrick
