Perfomance problem on MIPS
Philip Craig
philipc at snapgear.com
Thu Jun 1 10:55:06 CEST 2006
On 06/01/2006 05:46 PM, lst_hoe01 at kwsoft.de wrote:
> Zitat von art <art at sigrand.ru>:
>> It's wery upset fact. What can be done with this? Can I get version
>> where NAT not depend on Connection tracking?
>
> For performance see
>
> http://people.netfilter.org/kadlec/nftest.pdf
>
> For NAT without conntrack use NOTRACK or disable connection tracking at all.
You cannot use the standard kernel NAT without connection tracking.
It should be possible to write some stateless mangle targets that
can do simple address rewriting if that is all you need (this is the
equivalent of what the fast nat in 2.2 and 2.4 kernels did).
But if you need many to 1 NAT, or complex protocols such as FTP,
then you must use connection tracking.
More information about the netfilter
mailing list