Pressed R instead of L :( Replying to Joakim Axelsson: > Are you doing any NAT? Some of the state in -m conntrack are now some other > state.
Yes, I'm DNATing, but according to conntrack sources, as far as I can see, new states (SNAT, DNAT) are |= (bitwise ored) to statebits and if I leave other bits in state mask the same, match count shouldn't decrease. anyway adding DNAT and SNAT bits to ctstate will increase matches, but it is still less than -m state ... -- Paul P 'Stingray' Komkoff 'Greatest' Jr // (icq)23200764 // (irc)Spacebar PPKJ1-RIPE // (smtp)[EMAIL PROTECTED] // (http)stingr.net // (pgp)0xA4B4ECA4
