On Thu, Sep 10, 2015 at 02:09:58AM +0200, Pablo Neira Ayuso wrote: > BTW, I think it would be good to add the missing code on > nfqnl_recv_verdict_batch() to support conntrack there too. Would you Sorry, I have never used it and I tried to understand, but... It seems batch verdict mark and reinject packets in nfqueue its id is less than user requested. What does conntrack (and payload) work on it? update all conntrack expectations less than the id, to the same one user requests? Thanks, -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
