#16938: Not obvious how to use NOTRACK
-------------------------+-------------------------------------
Reporter: anonymous | Owner: developers
Type: enhancement | Status: new
Priority: normal | Milestone: Barrier Breaker (trunk)
Component: base system | Version: Trunk
Keywords: |
-------------------------+-------------------------------------
My router sometimes hangs under heavy BitTorrent load. I've set up a
static "port forwarding" rule for IPv4, and I'm allowing incoming IPv6 to
my LAN, but to my dismay this doesn't disable connection tracking for
these ports.
It would be nice if there were a way to set up untracked port forwarding
in a single firewall rule. In principle, this should be doable by setting
DNAT+SNAT+NOTRACK for IPv4, and ACCEPT+NOTRACK for IPv6, but this is
tedious, error-prone, and it's not clear to me whether this does the right
thing with respect to ICMP.
Please provide a documented way to enable untracked port forwarding, for
all combinations of UDP, TCP, NATed IPv4 and IPv6. Explicit support in
the firewall scripts would be best, but just documentation would be good
enough.
--
Ticket URL: <https://dev.openwrt.org/ticket/16938>
OpenWrt <http://openwrt.org>
Opensource Wireless Router Technology
_______________________________________________
openwrt-tickets mailing list
[email protected]
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-tickets
