NOTRACK action question

Gary W. Smith gary at
Wed Aug 24 23:49:28 CEST 2005

Makes sense.  Your understanding is correct.  We will look at moving the
server into a directly routed subnet in the future. 

BTW, do you know what the limit is on connection tracking or where I can
find/set the values.

> It would depend on your configuration. Oh you said NAT, DNAT I guess.
> IIUC DNAT does depend on connection tracking. Perhaps you should put
> your Apache reservation in a routed (not DNAT'ed) subnet.
> > I would assume no.  But when I add a NOTRACK rule to the raw table
> > Apache suddenly fails to serve the pages to external clients.
> Then your assumption would seem to be in error.
> > Am I doing something wrong?
> If it's not working, and you want it to work, yes. :)
> --
>     mail to this address is discarded unless "/dev/rob0"
>     or "not-spam" is in Subject: header

More information about the netfilter mailing list