On Thursday 16 January 2003 10:28 am, Sandro Minola wrote: > Hi all > > I just noticed that the 2.4. Kernel shipped with Bering does add a > conntrack entry for each routed connection. Please note that I really mean > plain routing, NOT NAT/MASQ'ing.
FYI, the 2.4/iptables does not _have_ to be set up as a stateful firewall. If you run in w/o the stateful option conntrack is not used, and definately not very useful with plain routing. I'm not sure whether the statefull definition is set in the kernel, but IIRC it is an option with the iptables ruleset. -- ~Lynn Avants Linux Embedded Appliance Firewall developer http://leaf.sourceforge.net ------------------------------------------------------- This SF.NET email is sponsored by: Thawte.com Understand how to protect your customers personal information by implementing SSL on your Apache Web Server. Click here to get our FREE Thawte Apache Guide: http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0029en ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
