On Wed, 2003-05-28 at 11:03, Ville Mattila wrote:
> This problem would be solved if it was possible with
> Netfilter/iptables to skip connection tracking for some
> rules (servers sending dns queries and replies to them in
> our case), or better yet, not to track every connection by
> default but only when requested per rule. Is this kind
> of selective connection tracking possible already or will
> it possibly become supported in future conntrack versions?

This has been supported for a long time. Look at userspace/raw.patch in
patch-o-matic.

--
/Martin
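
Added example, not part of the original message or of patch-o-matic: a sketch of what selective tracking for the DNS case looks like once the raw table is available. It assumes the raw table's NOTRACK target and the state match's UNTRACKED state; the function name and the resolver addresses are constructed for illustration.

```shell
#!/bin/sh
# Print (not apply) iptables commands that exempt DNS-over-UDP traffic for
# the given resolver addresses from connection tracking.
# Assumption: kernel/iptables provide the raw table and NOTRACK target;
# newer iptables releases spell the target "-j CT --notrack".
# Addresses used below are constructed (RFC 5737 documentation range).

notrack_dns_rules() {
    for ip in "$@"; do
        # Character check only: refuse anything but digits and dots so an
        # argument cannot smuggle extra options into the printed commands.
        case $ip in
            ''|*[!0-9.]*) echo "bad address: $ip" >&2; return 1 ;;
        esac
    done
    for ip in "$@"; do
        # Locally generated queries traverse raw/OUTPUT.
        echo "iptables -t raw -A OUTPUT -p udp -d $ip --dport 53 -j NOTRACK"
        # Forwarded queries and all replies traverse raw/PREROUTING.
        echo "iptables -t raw -A PREROUTING -p udp -d $ip --dport 53 -j NOTRACK"
        echo "iptables -t raw -A PREROUTING -p udp -s $ip --sport 53 -j NOTRACK"
        # Untracked replies never match ESTABLISHED, so the filter table
        # must accept them explicitly (FORWARD needs the same if this box
        # routes the traffic). This rule is stateless: it trusts any packet
        # claiming source $ip port 53, so keep the resolver list tight.
        echo "iptables -I INPUT -p udp -s $ip --sport 53 -m state --state UNTRACKED -j ACCEPT"
    done
}

# Show the commands for two constructed resolver addresses.
notrack_dns_rules 192.0.2.53 192.0.2.54
```

Review the printed commands before running them; the raw-table rules only skip tracking, and whether the packets are accepted is still decided by the filter table.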