On Wed, 13 Dec 2006, Daniel Hartmeier wrote:
> > But the man page says:
> > "This rule only applies to TCP packets that have the flags <a> set
> > out of set <b>."
> > This means to me: all non-TCP packets are ignored by this rule.
>
> This probably should read instead
>
> "This rule only applies to TCP packets which have the flags <a> set
> out of set <b>."

I started on a rewrite of that particular section of the manpage. I hope
this makes it more clear:

flags <a>/<b> | /<b> | any
    Flags are checked on TCP packets, but ignored for other protocols.
    For a match, the flags that are set in a TCP packet must be equal
    to the flags specified in <a>, after ignoring the flags specified
    in <b>. flags any matches all flag combinations. The flags are:
    (S)YN, (A)CK, (F)IN, (R)ST, (P)USH, (U)RG, (E)CE, and C(W)R.
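
A model in C of the check described by the quoted man page sentence ("flags <a> set out of set <b>"), added here as an example that is not part of the original post or of pf's source. It shows that a flags criterion on a rule without a protocol restriction does not keep non-TCP packets from matching. The struct and function names are hypothetical, and rejecting an <a> that lies outside <b> is this example's own choice.

```c
#include <stdint.h>
#include <string.h>

/* TCP header flag bits (RFC 793, RFC 3168). */
enum { TH_FIN = 0x01, TH_SYN = 0x02, TH_RST = 0x04, TH_PUSH = 0x08,
       TH_ACK = 0x10, TH_URG = 0x20, TH_ECE = 0x40, TH_CWR = 0x80 };
enum { PROTO_TCP = 6, PROTO_UDP = 17 };

/* Hypothetical rule representation: <a> goes in set, <b> in mask. */
struct flag_rule { uint8_t set, mask; };

/* Convert letters such as "SA" to flag bits; -1 on an unknown letter. */
static int letters_to_bits(const char *s, size_t n)
{
    static const char letters[] = "FSRPAUEW";   /* bit 0 .. bit 7 */
    int bits = 0;
    for (size_t i = 0; i < n; i++) {
        const char *p = memchr(letters, s[i], 8);
        if (p == NULL) return -1;
        bits |= 1 << (p - letters);
    }
    return bits;
}

/* Parse "<a>/<b>", "/<b>" or "any"; returns 0 on success, -1 on error. */
int parse_flags(const char *spec, struct flag_rule *r)
{
    if (strcmp(spec, "any") == 0) { r->set = r->mask = 0; return 0; }
    const char *slash = strchr(spec, '/');
    if (slash == NULL) return -1;
    int a = letters_to_bits(spec, (size_t)(slash - spec));
    int b = letters_to_bits(slash + 1, strlen(slash + 1));
    /* A flag in <a> but not in <b> could never match, so reject it here. */
    if (a < 0 || b < 0 || (a & ~b)) return -1;
    r->set = (uint8_t)a; r->mask = (uint8_t)b;
    return 0;
}

/* Returns 1 if the flags criterion lets the packet match, 0 otherwise. */
int flags_match(const struct flag_rule *r, int proto, uint8_t th_flags)
{
    if (proto != PROTO_TCP) return 1;        /* criterion ignored: no TCP flags */
    return (th_flags & r->mask) == r->set;   /* bits outside <b> are not examined */
}
```

With `S/SA`, a bare SYN and a SYN carrying ECE and CWR both match, a SYN+ACK does not, and a UDP packet passes the criterion untouched, so such a rule needs `proto tcp` if it is meant for TCP only.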