On 01/20/11 12:39, Henning Brauer wrote: > * Harald Dunkel <[email protected]> [2011-01-20 11:55]: > >> Of course I checked the man page, but it didn't tell. > > blasphemia. of course it does. > > match > The packet is matched. This mechanism is used to provide fine > grained filtering without altering the block/pass state of a > packet. match rules differ from block and pass rules in that > parameters are set every time a packet matches the rule, not only > on the last matching rule. For the following parameters, this > means that the parameter effectively becomes ``sticky'' until > explicitly overridden: nat-to, binat-to, rdr-to, queue, rtable, and > scrub. >
Probably I was too blind to see. Many thanx Harri
