On Tue, Apr 12, 2011 at 1:27 AM, Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote: > The main change is the following: You have to use the iptables CT target > with the option --userspace-helper in the raw table of prerouting. Patches to the iptables man page would be helpful. Your example passes all traffic through the CT target. Is that necessary? Can I match just tcp packets on the ports used by the protocol who's connections are being tracked? Can the CT target be used in the filter table? >> Can you suggest a reliable way to reproduce the crash? I only saw it Can you suggest a reliable way to reproduce the crash? >> once, and have no way to reproduce reliably, so no way to assure you >> the patch fixes the problem, I can only tell you if my code continues >> to work correctly. > > I sent an email to describe the problem to the ML. Every expectation Perhaps this was private email with some other netfilter devs? I can't find it in the archives: http://marc.info/?l=netfilter-devel&w=2&r=1&s=pablo&q=b Cheers, Sam -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
