I wanted to use TCP-Flags in the RAW filtering and I only want catch the New packets and have to use TCP-Flags for that. Now I see the the option “inverse” and thought that would made it a bit easier because that would exclude the second part of the handshake.
TCP-Flags=!Syn and tick inverse and I assumed that would be the same a Syn !ack !cwr !ece !fin !psh !rst !urg
Does anyone knows what “inverse” is doing exactly because I could not find that back in the Wiki.
