is NOTRACK modules the only way to avoid connection tracking?

Alexander Piavka piavka at cs.bgu.ac.il
Mon Feb 7 13:00:25 CET 2005


Hello, I have a question about connection tracking.

If I have at least one iptables rule with -m state, no matter in which
chain, then the conntrack module gets loaded in all iptables hooks and
thus all packets will be connection tracked, even if I need to track
only a small subset of packets. This means that the only way to avoid
connection tracking for most of the packets is to use the NOTRACK module in the raw
table to match them. Is my understanding correct?
Or can I avoid connection tracking without the use of NOTRACK modules?

Thanks a lot
Piavlo Alexander



