Hello,
currently in iptables i can set NOTRACK (-j CT --notrack) only for
OUTPUT and PREROUTING. Because the routing decision is made after the
conntracking.
I need stateful firewall on INPUT, but conntrack on FORWARD is
performance drawback for me. And i can imagine that someone might have
And by "disguise" i've meant "distinguish" :-)
T.
Dne 2016-12-06 06:54, mudru...@spoje.net napsal:
Hello,
currently in iptables i can set NOTRACK (-j CT --notrack) only for
OUTPUT and PREROUTING. Because the routing decision is made after the
conntracking.
I need stateful firewall on INPUT,
