On Wed, 13 Dec 2006, Camiel Dobbelaar wrote: > On Wed, 13 Dec 2006, Daniel Hartmeier wrote: > > > But the man page says: > > > "This rule only applies to TCP packets that have the flags <a> set > > > out of set <b>." > > > This means to me: all none-tcp packets are ignored by this rule. > > > > This probably should read instead > > > > This rule only applies to TCP packets which have the flags <a> set > > out of set <b>." > > I started on a rewrite of that particular section of the manpage. I hope > this makes it more clear: > > flags <a>/<b> | /<b> | any > Flags are checked on TCP packets, but ignored for other protocols. > For a match, the flags that are set in a TCP packet must be equal > to the flags specified in <a>, after ignoring the flags specified > in <b>. flags any matches all flag combinations. The flags are: > (S)YN, (A)CK, (F)IN, (R)ST, (P)USH, (U)RG, (E)CE, and C(W)R.
Whoops, I got it wrong... it should be: "after ignoring the flags _that are not_ specified in <b>".
