On Tue, 2003-09-16 at 15:11, Ramin Dousti wrote: > On Tue, Sep 16, 2003 at 02:46:27PM +0200, Ray Leach wrote: > > > > > > > Don't load the ip_conntrack module, and / or don't use any iptables rules that > > > use "-m state" in the arguments :) > > Yeah, connection tracking automagically implies state inspection. > > OK. Thanks for the informative comments but can you lay out the steps to > prevent stateful inspection? For example, how to unload "ip_conntrack" and > to prevent it from being reloaded again? > Personally, I would re-compile the kernel without connection tracking support. > Thanks again. > > Ramin -- -- Raymond Leach <raymondl@xxxxxxxxxxxxxxxxxxxxxx> Network Support Specialist http://www.knowledgefactory.co.za "lynx -source http://www.rchq.co.za/raymondl.asc | gpg --import" Key fingerprint = 7209 A695 9EE0 E971 A9AD 00EE 8757 EE47 F06F FB28 --
Attachment:
signature.asc
Description: This is a digitally signed message part
