--- README.libipt ----------------------------------------------------
IPTABLES SUPPORT
----------------
The files libipt_DWISDN.so and libipt_dwisdn.so are for adding
ISDN support to iptables. This enables you to configure what type
of IP packet is permitted to cause a dialout, for example.
The file libipt_ISDNDIAL.so is a helper target for dynip MASQUARING in
the nat-table POSTROUTING hook. Wich trigger dialing and
queue's frames through interface goes online and ip-addr set correctly.
Therefor ISDNDIAL must be placed before the MASQUARING target.
A short overview you get with:
iptables -m dwisdn --help
iptables -j DWISDN --help
iptables -j ISDNDIAL --help
Tiny tip for dynip-interfaces:
iptables -A OUTPUT -p tcp ! --sync \
-o ippp+ \
-m dwisdn ! --f_eq_iadr \
-j REJECT --reject-with tcp-reset
Closed old ESTABLISHED tcp connections.
No dial is triggered :-)
The sources are included, however to compile these files you need
the netfilter 1.1.2 cvs-tree and the patch "patch-netfilter-1.1.2_isdn".
Because of this, the compiled .so files have been included for
your convenience (i386 only at this time).
You can use the .so file by copying the file to the iptables
lib-dir (default /usr/local/lib/iptables).
At a later date the ISDN stuff will hopefully be integrated into
the official sources, and then the .so files in the archive will
go away because you can compile it yourself easily then.
5e42607f7a