Hi,

Is there any (simple) way, from userland, to tell the Linux kernel to delete an active connection from the connection tracking list?

Example, say I have a NAT box running Linux, internal IP 192.168.16.1, external 1.2.3.4. I have a machine on the private network with an active connection:

(cat /proc/net/ip_conntrack)
tcp 6 431998 ESTABLISHED src=192.168.17.16 dst=64.28.67.150 sport=32879 dport=80 src=64.28.67.150 dst=217.XXX.YYY.ZZZ sport=80 dport=32879 [ASSURED] use=1

So I want to tell the kernel to forget about the above connection, such that any further packets either upstream or downstream will simply get dropped.

Can this be achieved using existing utilities/kernel features?

cheers,
David.