[23:29]<rlraxne>then there are all sort of things depending on how you want to construct your script [23:29]<rlraxne>you can take a look at my script over at http://www.tbg.nu/iptables.txt for ideas [23:30]<rlraxne>recently I managed to fix the BADTCP to a proper way [23:30]<rlraxne>a note regarding BADTCP checks is that the conntrack module already do this in 2.6.18 [23:30]<rlraxne>but not in earlier versions of 2.6 aswell as 2.4 [23:30]<rlraxne>in 2.6.18 the checked packet will be marked as state=INVALID if it has bad tcpflags combinations [23:31]<vyrn-vnzsr>lol, i was going to point him at that script actually, for good example of using for loop and /proc/net/ip_tables_names [23:32]<rlraxne>:) [23:32]<vyrn-vnzsr>looks good Apachez [23:32]<rlraxne>tnx :) [23:34]<afnxnztnah>Apachez, well im going to study that script ;) [23:35]<afnxnztnah>Apachez, vice-versa, thanks for your comments ;) [23:36]<vyrn-vnzsr>np [23:36]<rlraxne>np :)
