On Mon, 10 Oct 2005 bernin_a@xxxxxxxxxxxxxxxxxxxxxxxxx wrote:
some connections (UDP port 500) and I have the above problem. If I drop the initial packet of a connection, does it still get an entry in conntrack?
It should not get into conntrack then.
As an example, I want to SNAT the UDP packets from 192.168.1.2 port 5444 to come from 192.168.1.2 port 500. If I have a rule that blocks this connection, insert the NAT rule first and allow the traffic afterwards, will this work?
I think so.

Regards
Henrik