Hello,

Richard Feng wrote:
>
> I am using Linux 2.6.29. I have the problem for using 'conntrack'
> (version:0.9.14) to block the traffic.
> Using the following command as example:
> conntrack -D -s 1.1.1.1 -d 2.2.2.2
> After execution, it appears the connection info was deleted -
> conntrack -L | grep 1.1.1.1 -- shows the entry was deleted.
>
> However, the connection is still active

What do you mean exactly? The conntrack tool only deals with netfilter connection tracking, not with the actual connection (e.g. it won't send RSTs in order to tear it down). How it may affect the actual connection depends on the iptables ruleset.
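
The dependence on the ruleset described in the reply, as an added example that is not part of the original thread: a ruleset under which a flow whose conntrack entry was deleted stops being forwarded, plus an explicit drop rule for the flow. Assumptions: the box forwards the traffic (FORWARD chain), the addresses are the ones from the question, and the helper names `run`, `strict_ruleset` and `block_flow` are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original thread.
# Dry run by default: commands are printed. Set APPLY=1 (as root) to execute.
run() {
    if [ "${APPLY:-0}" = "1" ]; then "$@"; else echo "$*"; fi
}

# Ruleset under which deleting a conntrack entry actually stops the flow.
strict_ruleset() {
    # With tcp_loose=1 (the default) conntrack re-adopts a mid-stream TCP
    # connection from its next packet; with 0 such packets are INVALID.
    run sysctl -w net.netfilter.nf_conntrack_tcp_loose=0
    run iptables -P FORWARD DROP
    # Packets of tracked connections pass.
    run iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    # Packets conntrack cannot attribute to any connection are dropped.
    run iptables -A FORWARD -m conntrack --ctstate INVALID -j DROP
    # A new TCP connection may only start with a SYN, so a mid-stream packet
    # whose entry was deleted matches no ACCEPT rule and hits the DROP policy.
    run iptables -A FORWARD -p tcp --syn -m conntrack --ctstate NEW -j ACCEPT
}

# Block one flow: the DROP rule does the blocking, conntrack -D only removes
# the stale state. $1 = source address, $2 = destination address.
block_flow() {
    run iptables -I FORWARD 1 -s "$1" -d "$2" -j DROP
    run conntrack -D -s "$1" -d "$2"
}

# Constructed sample invocation using the addresses from the question.
strict_ruleset
block_flow 1.1.1.1 2.2.2.2
```

With a ruleset that accepts any packet in state NEW, the next packet of the flow simply recreates the deleted entry and the connection carries on, which matches the behaviour reported in the question.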