On Tue, May 27, 2003 at 10:49:56PM +0300, Ville Mattila spoke thusly:
>Correct me on this if I'm wrong: It is a feature of Netfilter that
>whenever conntrack is registered in kernel, then for example any UDP
>packet passing through the firewall causes the state table to be consulted
>resulting in either update of an old state entry if found or creation of a
>new state.

I think there is a NOTRACK patch in p-o-m, but haven't checked really. I kind of remember Henrik Nordstrom talking about it before, but a quick websearch only turns up this.

http://lists.netfilter.org/pipermail/netfilter-devel/2001-September/005541.html
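As an added illustration of the exemption the thread is talking about (this is not from the thread and not the p-o-m patch itself): the NOTRACK idea later became a mainline target in the "raw" table, where a rule can mark selected packets so conntrack never consults or populates the state table for them. The script below assumes a kernel and iptables with the raw table and NOTRACK target; the UDP ports 53 and 123 are constructed sample values, chosen because high-rate stateless services like DNS and NTP are the usual reason a defender wants to keep the conntrack table from filling up.

```shell
#!/bin/sh
# Added example, not from the mailing-list thread. Assumes iptables with the
# "raw" table and the NOTRACK target. Ports 53/123 are constructed samples.

# notrack_rules PROTO PORT...
# Prints one iptables command per port and direction that exempts the flow
# from connection tracking (raw table is traversed before conntrack runs).
notrack_rules() {
    proto=$1; shift
    for port in "$@"; do
        # Packets arriving from the network for this service
        echo "iptables -t raw -A PREROUTING -p $proto --dport $port -j NOTRACK"
        # Locally generated packets leaving on the same service port
        echo "iptables -t raw -A OUTPUT -p $proto --sport $port -j NOTRACK"
    done
}

# Untracked packets never become ESTABLISHED/RELATED, so a policy that relies
# on the state match must accept them explicitly or they will be dropped.
notrack_accept_rules() {
    proto=$1; shift
    for port in "$@"; do
        echo "iptables -A INPUT -p $proto --dport $port -j ACCEPT"
        echo "iptables -A OUTPUT -p $proto --sport $port -j ACCEPT"
    done
}

# Dry-run by default (prints the rules); only applies when asked and possible.
main_apply() {
    if [ "$1" = "--apply" ] && command -v iptables >/dev/null 2>&1; then
        notrack_rules udp 53 123 | sh
        notrack_accept_rules udp 53 123 | sh
    else
        notrack_rules udp 53 123
        notrack_accept_rules udp 53 123
    fi
}
```

Run it without arguments to see the generated rules, or with `--apply` as root to load them; afterwards `conntrack -L` (or `/proc/net/nf_conntrack`) should show no entries for the exempted ports, which is the check that the exemption is actually in effect.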