Hello We have some problems with nat. We want to relay "udp packet" from a host to other host using SNAT, DNAT. iptables -t nat -A PREROUTING -p udp -d PACKET.RELAY.HOST.IP --dport 10000 -j DNAT --to-destination TO.OTHER.HOST.IP:10000 iptables -t nat -A POSTROUTING -p udp -d TO.OTHER.HOST.IP --dport 10000 -j SNAT --to-source PACKET.RELAY.HOST.IP:10000 It works well. But after removing the rules, packet still transferred. I can find the conntrack entry in /proc/net/stat/ip_conntrack. We know libnfnetlink & libnetfilter_conntrack with kernel 2.6 can delete conntrack entries from userspace. But we use Redhat linux 2.4.21-32.EL. How can I delete specified conntrack entry in kernel 2.4 without kernel code ?? Cheers, Seongwoo Park
