On 06/01/2006 05:46 PM, lst_hoe01@xxxxxxxxx wrote: > Zitat von art <art@xxxxxxxxxx>: >> It's wery upset fact. What can be done with this? Can I get version >> where NAT not depend on Connection tracking? > > For performance see > > http://people.netfilter.org/kadlec/nftest.pdf > > For NAT without conntrack use NOTRACK or disable connection tracking at all. You cannot use the standard kernel NAT without connection tracking. It should be possible to write some stateless mangle targets that can do simple address rewriting if that is all you need (this is the equivalent of what the fast nat in 2.2 and 2.4 kernels did). But if you need many to 1 NAT, or complex protocols such as FTP, then you must use connection tracking.
