On 2/7/07, Randy McMurchy <[EMAIL PROTECTED]> wrote: > > It sure would be nice if we could identify what those extra modules > and extensions *do*, and why almost everyone else's Iptables installation > seems okay without them (at least there's been no reports of breakage > or folks needing them).
I think because they're just extensions, and we only use a limited subset of these extensions in our iptables setup. I personally don't do anything fancy with iptables. I'm just blocking or opening ports. I think that in the connbytes example, this module would allow you to monitor the number of bytes passing through a connection and filter accordingly. Here's what the man page says: "Match by how many bytes or packets a connection (or one of the two flows constituting the connection) have tranferred so far, or by average bytes per packet." -- Dan -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
