l�r, 2002-04-13 kl. 19:22 skrev Banai Zoltan: > [Please CC me, i'm not on the list!]
> Is it possible with netfilter(iptables), > to deny forwarding ftp/www connections witch > have different dport than 21 ? Yes. You can deny any access to any port you wish. Almost any protocol you wish, any source or any destination. > Or i can only deny ports? No. > I wonder about what can conntrack do? Conntrack keeps a status of 'state'. I.e., which machines/IP numbers are doing what at any given time. Protocols, states of connection, IP packet sequence numbers etc. It has limitations with regard to specific protocols and data exchange mechanisms, for which specific conntrack modules are necessary. > If it is possible where can i get further info/example? Read the docs and man pages for iptables; read all relevant rfcs, read netfilter and nat HOWTOs at Linuxdoc.org. Buy a couple of machines and experiment with them etc. etc. Couple them to the Internet and experiment with that. Read each and every posting to [EMAIL PROTECTED] , whether you think at first sight it concerns your interests or not. Confine yourself solely to the group with questions and answers, unless you have special friends or relations. Seek to improve your English until you're better at it than your own mother tongue, Hungarian :-) Best, Tony
signature.asc
Description: Dette er en digitalt signert meldingsdel
