Hi Richard,

> Hi, Florian.

> Somewhere, I thought that I saw some claims that ipf could let you
> run an arbitrary command to decide about accepting/rejecting a packet.
> I can't find this in the ipf.conf(5) man-page, though.  Can anyone
> confirm that, or perhaps remember what I'm *really* thinking of?
> Or do I need to exchange my memory chips for ones that work?

maybe 'call'?

call   this action is used to invoke the named function in the kernel,
       which must conform to a specific calling  interface.  Customised
       actions  and  semantics  can  thus  be implemented to supplement
       those available. This feature is for use by knowledgeable  hack-
       ers, and is not currently documented.

regards

--
  _     mailto:uhel@gmx.net
 ( )            --
  x    ASCII RIBBON CAMPAIGN
 / \     AGAINST HTML MAIL