On Friday, October 13, 2006 10:14 PM, Eric Dumazet wrote: > > Martin, I played with libnetfilter_queue > (http://www.netfilter.org/projects/libnetfilter_queue/index.html) > > With this single iptables rules, I was able to do what you want : > transmit the SYN message to a user application, that may DROP this > packet or let it pass normal TCP stack. > > iptables -A INPUT -p tcp --dport 333 --syn -j QUEUE > > Then hack nfqnl_test.c to meet your needs (see nfq_set_verdict(), > nfq_get_payload()) > > Be prepared to receive the 'same SYN' several time if your X.25 call > attempt is too long. > > (You have to be root unfortunatly) > > Eric
Thanks, this sounds very interesting. I will have a closer look at that. Martin - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
