On Wed, Jun 09, 2010 at 05:20:37PM +0200, Jan Engelhardt wrote: > > On Wednesday 2010-06-09 17:16, Patrick McHardy wrote: > >Jan Engelhardt wrote: > >> On Wednesday 2010-06-09 16:16, Patrick McHardy wrote: > >>>>> You could use the NOTRACK target to bypass connection tracking. > >>>>> > >>>> I tried the NOTRACK target, but the packet is still going > >>>> throught reassembly, because the RAW filter has lower priority > >>>> then the connection track defragmentation.. > >>> > >>> Right. > >> > >> Blech. That reminds me of > >> http://marc.info/?l=netfilter-devel&m=126581823826735&w=2 > > > >We already fixed that. > > I know, and I posted it for the understanding of the OP > as to why RAW is after DEFRAG. thanks, it's helpful jirka -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
