Hi All, I'm using kernel v. 2.6.22.1, iptables v. 1.3.8. I have an ADSL connection with dynamic IP. I use ipp2p to indentify and CONNMARK to mark p2p traffic. Then I classify the marked packets to a low-prio class. This all work fine until the first ip change comes. Because ipt_MASQUERADE flushes all the conntrack entries which belong to my external interface, so the marks are reset along with this. Then the p2p traffic goes to the default class, which is not good for me. Is it possible to tell ipt_MASQUERADE not to flush these entries, just update them with the new IP? Or is there an alternative solution for this? Thanx in advance. Steve
