Re: NOTRACK not working as expected

To:	"Wilson, Richard E" <richard.wilson@eds.com>
Subject:	Re: NOTRACK not working as expected
From:	Tom Eastep <teastep@shorewall.net>
Date:	Mon, 27 Nov 2006 13:51:10 -0800
Cc:	netfilter@lists.netfilter.org
Delivered-to:	sp-com-lists@consult.net
Delivered-to:	netfilter-list1@securepoint.com
In-reply-to:	<DE0BDC6DCC1F724882C0828AD2D3E684093116@usplm203.amer.corp.eds.com>
List-archive:	</pipermail/netfilter>
List-help:	<mailto:netfilter-request@lists.netfilter.org?subject=help>
List-id:	General discussion and user questions <netfilter.lists.netfilter.org>
List-post:	<mailto:netfilter@lists.netfilter.org>
List-subscribe:	<https://lists.netfilter.org/mailman/listinfo/netfilter>, <mailto:netfilter-request@lists.netfilter.org?subject=subscribe>
List-unsubscribe:	<https://lists.netfilter.org/mailman/listinfo/netfilter>, <mailto:netfilter-request@lists.netfilter.org?subject=unsubscribe>
References:	<DE0BDC6DCC1F724882C0828AD2D3E684093116@usplm203.amer.corp.eds.com>
Sender:	netfilter-bounces@lists.netfilter.org
User-agent:	Thunderbird 1.5.0.8 (X11/20061115)

To:

"Wilson, Richard E" <richard.wilson@eds.com>

Subject:

Re: NOTRACK not working as expected

From:

Tom Eastep <teastep@shorewall.net>

Date:

Mon, 27 Nov 2006 13:51:10 -0800

Cc:

netfilter@lists.netfilter.org

Delivered-to:

sp-com-lists@consult.net

Delivered-to:

netfilter-list1@securepoint.com

In-reply-to:

<DE0BDC6DCC1F724882C0828AD2D3E684093116@usplm203.amer.corp.eds.com>

List-archive:

</pipermail/netfilter>

List-help:

<mailto:netfilter-request@lists.netfilter.org?subject=help>

List-id:

General discussion and user questions <netfilter.lists.netfilter.org>

List-post:

<mailto:netfilter@lists.netfilter.org>

List-subscribe:

<https://lists.netfilter.org/mailman/listinfo/netfilter>, <mailto:netfilter-request@lists.netfilter.org?subject=subscribe>

List-unsubscribe:

<https://lists.netfilter.org/mailman/listinfo/netfilter>, <mailto:netfilter-request@lists.netfilter.org?subject=unsubscribe>

References:

<DE0BDC6DCC1F724882C0828AD2D3E684093116@usplm203.amer.corp.eds.com>

Sender:

netfilter-bounces@lists.netfilter.org

User-agent:

Thunderbird 1.5.0.8 (X11/20061115)

Wilson, Richard E wrote:

> 
> I added the following rule to prevent the ip_conntrack table from
> tracking localhost connections:
> 
> iptables -t raw -A PREROUTING -i lo -j NOTRACK
> 

...

> Is there a better way to create a rule to not track localhost connections?
> 

iptables -t raw -A OUTPUT -o lo -j NOTRACK

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key

signature.asc
Description: OpenPGP digital signature

<Prev in Thread]	Current Thread	[Next in Thread>
NOTRACK not working as expected, Wilson, Richard E Re: NOTRACK not working as expected, Tom Eastep <=

Previous by Date:	Re: How to measure CPU usage of netfilter, Mike Williams
Next by Date:	Re: can't tunnel through iptables, Alex Feldman
Previous by Thread:	NOTRACK not working as expected, Wilson, Richard E
Next by Thread:	would like to use match limit, Brent Clark
Indexes:	[Date] [Thread] [Top] [All Lists]