> -----Original Message-----
> From: netfilter-bounces@xxxxxxxxxxxxxxxxxxx
> [mailto:netfilter-bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of
> Jason Opperisano
> Sent: Tuesday, December 28, 2004 12:22 AM
> To: netfilter@xxxxxxxxxxxxxxxxxxx
> Subject: Re: How to flush the connection state in the linux
>
>
> On Mon, 2004-12-27 at 02:26, Vincent wrote:
> > Hello,
> >
> > Does anyone know how to flush the connection state in the linux (Not
> > flush iptables rule -F). I used transparent mode in the linux (use
> > brctl to bridge eth & eth1). When I tried to use iptables to drop some
> > specified packet, it failed.
> > So I suspect there is some established connection state in the
> > linux that passes these
> > forbidden connections.
> >
> > My environment
> > Linux 2.4.25
> > Iptables 1.2.11
>
> you need to remove the "ip_conntrack" module.
>
> in order to do that--you need to remove all the modules that
> use it (like 'iptable_nat' etc).

Can I remove ip_conntrack in one command? If so, how do I do it?
I tried the command "modprobe -r ip_conntrack", but it seems not to have worked.

Besides, I tried to remove ip_conntrack and its dependent modules manually.
But the forbidden packet still passes through.
Is there any other solution?

Thanks for your assistance
Vincent

>
> -j
>
> --
> "'Nuke the whales?' You don't really believe that, do you?
> I dunno. Gotta nuke something."
> --The Simpsons
>
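The ordering constraint in the quoted advice (every module that uses ip_conntrack has to be removed before ip_conntrack itself) can be computed from `lsmod` output. The following is an added example, not part of the original messages: the function names `unload_order` and `sample_lsmod` are hypothetical, the module listing is constructed, and it assumes the 2.4-style `lsmod` layout in which dependents appear in square brackets.

```shell
#!/bin/sh
# Constructed sample of 2.4-style lsmod output (not taken from a real host).
sample_lsmod() {
cat <<'EOF'
Module                  Size  Used by    Not tainted
ipt_MASQUERADE          1304   1  (autoclean)
ipt_state                504   2  (autoclean)
iptable_nat            16438   1  (autoclean) [ipt_MASQUERADE]
ip_conntrack           19236   2  (autoclean) [ipt_state iptable_nat]
iptable_filter          1644   1  (autoclean)
ip_tables              12416   5  [ipt_MASQUERADE ipt_state iptable_nat iptable_filter]
EOF
}

# unload_order MODULE
# Reads lsmod-style text on stdin and prints, on one line, the modules that
# must be removed to unload MODULE: dependents first, MODULE last.
unload_order() {
    awk -v target="$1" '
    # Record the bracketed "used by" list of each module (header line skipped).
    NR > 1 {
        users = ""
        i = index($0, "[")
        j = index($0, "]")
        if (i > 0 && j > i)
            users = substr($0, i + 1, j - i - 1)
        deps[$1] = users
    }
    # Post-order walk: emit every user of m before m itself.
    function visit(m,    list, n, k) {
        if (seen[m]++)
            return
        n = split(deps[m], list, " ")
        for (k = 1; k <= n; k++)
            visit(list[k])
        order = order (order == "" ? "" : " ") m
    }
    END {
        visit(target)
        print order
    }'
}

# On a live system the list would come from lsmod itself, for example:
#   lsmod | unload_order ip_conntrack
# and each name would then be passed to rmmod in the printed order.
```

rmmod refuses a module whose use count is still nonzero, so a module that is referenced by loaded rules stays in place until those references are gone.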