ip_conntrack
Rusty Russell
rusty@linuxcare.com.au
Sun, 09 Apr 2000 12:51:14 +0930
In message <Pine.LNX.4.21.0004031943170.2035-100000@tux.rsn.hk-r.se> you write:
> Does conntrack have to keep track of all connections?
> Even those that are just being forwarded and not NATed?
>
> There are about 500 machines that go throu thi machine to get out on the
> Internet. I get a lot of this message:
>
> ip_conntrack: Wow someone raced us!
It's harmless, and can only happen on busy SMP. Will remove it before
2.4.0: you can remove it now.
It's not always possible to know which connections to track. Putting
it under user control simply adds another area where mistakes can be
made. You never want to map a connection over an existing one, simply
because you didn't know the existing one is there.
Simply insert the module when you require NAT.
Rusty.
--
Hacking time.