On Thu, 2007-05-17 at 09:15 +1000, Paul Gear wrote: > With UDP, there is no connection to break.
Right. There is a conntrack association with the addr:port tuple though that prevents changes in tables from affecting it's NAT mappings. > The conntrack module tracks > related UDP packets, but cutter has no relevance to UDP since it is > connectionless. Right. That is what I was already saying. While cutter can break a conntrack entry for TCP because iptables removes the conntrack when it sees the RST packets, no such thing exists for UDP. b. -- My other computer is your Microsoft Windows server. Brian J. Murrell
signature.asc
Description: This is a digitally signed message part
------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
