Hi, I've had a request to develop/find a utility that can selectively remove entries from the conntrack table on linux 2.4. So if you changed where a tcp port dnats to in iptables you could vape any existing conntrack entry relating to it and any future packets will go to the new dnat target. I'm mailing the list to find out if a) Theres a blatant reason why this is a BAD THING to be thinking about doing. b) See if a utility already exists Thanks in advance for any help, Yours, Ian Abel
