Any idea if the PPTP conntrack module will make it into the mainstream
kernel ?
Eventually yes. I doubt it has been stable enough yet to consider it.
One more (unrelated?) question : is it possible to disable connection tracking on a per interface basis ?
Have a look at patch-o-matic/userspace/raw.patch, which adds a NOTRACK target.
-- Philip Craig - philipc@xxxxxxxxxxxx - http://www.SnapGear.com SnapGear - Custom Embedded Solutions and Security Appliances
