NAT Issue

Yasuyuki KOZAKAI yasuyuki.kozakai at toshiba.co.jp
Fri Apr 20 14:21:24 CEST 2007


From: Kiran Murari <kmurari at embeddedinfotech.com>
Date: Fri, 20 Apr 2007 17:39:21 +0530

> Yasuyuki KOZAKAI wrote:
> > From: Kiran Murari <kmurari at embeddedinfotech.com>
> > Date: Fri, 20 Apr 2007 16:38:32 +0530
> >
> >   
> >> After a little bit of experimenting, I could see that if I flush all the conntrack entries,
> >> as soon as my WAN is enabled, the PING session continued.
> >>
> >> But flushing all the conntrack entries doesn't look like a feasible one.
> >>
> >> Is there a way to flush the conntrack entries that have been created during a specific interval?
> >>
> >> Any thoughts?
> >>     
> >
> > Why don't you flush the table with the tool 'conntrack' just after bringing up your
> > WAN?
> >
> > http://www.netfilter.org/projects/conntrack/index.html
> >
> > -- Yasuyuki Kozakai
> >   
> Yeah, I have seen 'conntrack'.
> But this requires libnetfilter_conntrack and libnfnetlink support.
> I am running a 2.6.14 on an Xscale processor.
> 
> So is there a means to flush the entries, other than porting 
> 'conntrack' to Xscale?

There is no way. The other solution I have in mind is to set a filter rule
to drop all forwarded packets, just before bringing down the WAN interface.

-- Yasuyuki Kozakai
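
The workaround suggested in the reply above, sketched as a wrapper script. This is an added example, not part of the original message: a blanket DROP rule goes into FORWARD just before the WAN interface is taken down and is deleted once the interface is back up. The interface name, the `ifconfig` calls, the dry-run switch and the step of removing the rule after link-up are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. WAN_IF and the ifconfig calls are
# assumptions; substitute whatever actually brings your WAN link down and up.
WAN_IF="${WAN_IF:-eth1}"   # hypothetical WAN interface name
DRY_RUN="${DRY_RUN:-1}"    # 1 = only print the commands, 0 = execute them

# Run a command, or just print it when DRY_RUN=1.
run() {
    if [ "$DRY_RUN" = "1" ]; then
        echo "$*"
    else
        "$@"
    fi
}

# Insert the blanket DROP at the top of FORWARD, then take the WAN down.
# A packet dropped in FORWARD never reaches POSTROUTING, so its conntrack
# entry is never confirmed and no new forwarded flow is tracked meanwhile.
# If the rule cannot be inserted, the link is left up.
wan_down_guarded() {
    run iptables -I FORWARD 1 -j DROP || return 1
    run ifconfig "$WAN_IF" down
}

# Bring the WAN up first, then delete the DROP rule, so forwarding only
# resumes once the WAN side is usable again.
wan_up_guarded() {
    run ifconfig "$WAN_IF" up || return 1
    run iptables -D FORWARD -j DROP
}

# Usage: script down | script up   (no argument: define functions only)
case "${1:-}" in
    down) wan_down_guarded ;;
    up)   wan_up_guarded ;;
esac
```

Run it with `DRY_RUN=0` as root to apply the commands; the default only prints them.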


