Alan Ezust wrote:
We need to be able to determine when we get an UPDATE or a DISCONNECT, which
connections they correspond to. I assumed that was the purpose of the CT id.
The purpose was to uniquely identify a connection but we currenlty
assume that the tuple {src, portsrc, dst, portdst, l3protonum, protonum}
is enough.
Why are you removing it?
http://lists.netfilter.org/pipermail/netfilter-devel/2005-June/019923.html
--
The dawn of the fourth age of Linux firewalling is coming; a time of
great struggle and heroic deeds -- J.Kadlecsik got inspired by J.Morris
