
Re: stateful UDP with unknown source port on INPUT?

To: netfilter@lists.netfilter.org
Subject: Re: stateful UDP with unknown source port on INPUT?
From: Franck Joncourt <franck.joncourt@wanadoo.fr>
Date: Sun, 1 Apr 2007 15:24:00 +0200
In-reply-to: <BAY121-F1848947AF48B36B0E9D801A9610@phx.gbl>
References: <460C4667.1090406@rtij.nl> <BAY121-F1848947AF48B36B0E9D801A9610@phx.gbl>
Sender: netfilter-bounces@lists.netfilter.org
User-agent: Mutt/1.5.13 (2006-08-11)
On Sun, Apr 01, 2007 at 03:39:30PM +0300, noa levy wrote:
> Thanks!
> I forgot to mention, though, that my source port for the SNMP informs is 
> also random, so I can't match against the destination port for the incoming 
> packet - does the recent target also maintain a port list or is it IP 
> addresses only?
> 

From the iptables tutorial:

iptables -A INPUT -m recent --name example --rsource
The --rsource match is used to tell the recent match to save the source
address and port in the recent list. This is the default behavior of the
recent match.

iptables -A INPUT -m recent --name example --rdest
The --rdest match is the opposite of the --rsource match in that it
tells the recent match to save the destination address and port to the
recent list.

http://iptables-tutorial.frozentux.net/iptables-tutorial.html#RECENTMATCH


-- 
Franck Joncourt
http://www.debian.org
http://smhteam.info/wiki/
GPG server : pgpkeys.mit.edu
Fingerprint : C10E D1D0 EF70 0A2A CACF 9A3C C490 534E 75C0 89FE
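
One way to apply the recent match to the SNMP inform case discussed in this thread, as an added example that is not part of the original message. The list name snmp_inform, the 30-second window and the assumption that the peer replies from UDP port 162 are illustrative choices, and the script only prints the rules unless IPT is set to the real iptables binary.

```shell
#!/bin/sh
# Added example, not from the thread. Dry run by default: the rules are
# printed. Run with IPT=iptables as root to install them.
IPT="${IPT:-echo iptables}"
LIST="snmp_inform"   # hypothetical name of the recent list
WINDOW=30            # assumed: seconds during which a reply is accepted
PEER_PORT=162        # standard SNMP trap/inform port on the receiver

snmp_inform_rules() {
    # 1. Outgoing inform: record the destination address in the list.
    #    The local source port is random, so it is not matched here.
    $IPT -A OUTPUT -p udp --dport "$PEER_PORT" \
        -m recent --name "$LIST" --set --rdest -j ACCEPT

    # 2. Incoming reply: accept only if the source address was recorded
    #    by rule 1 within the last WINDOW seconds. The remote port is
    #    pinned by --sport; the local destination port is left open
    #    because it is the random port the inform was sent from.
    $IPT -A INPUT -p udp --sport "$PEER_PORT" \
        -m recent --name "$LIST" --rcheck --seconds "$WINDOW" --rsource \
        -j ACCEPT

    # 3. Anything else claiming to come from the inform port is dropped.
    $IPT -A INPUT -p udp --sport "$PEER_PORT" -j DROP
}

snmp_inform_rules
```

During the window, any UDP datagram from a recorded address with source port 162 is accepted on any local port, so the window should be kept as short as the inform timeout allows.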
