I'm using conntrackd; and wondered if shorewall-conntrack syntax allows limiting conntrack to only "assured,destroyed" events as described here: http://conntrack-tools.netfilter.org/manual.html#sync-iptables-filtering
The intent is to reduce CPU use. I see that's possible using CT:helper:..(...), but doesn't seem to be possible without "helper". Am I wrong? Thanks, Justin ------------------------------------------------------------------------------ One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
