On Wednesday 2011-07-13 10:07, Oskar Berggren wrote:
>>>> I'm sure there's a sysctl knob, but off the top of my head:
>>>>
>>>> -t raw -A PREROUTING -j NOTRACK
>>
>> -t raw -A OUTPUT -j NOTRACK

-t raw -A PREROUTING (or OUTPUT depending on which you want) -j CT --notrack

>> hey man I applied above rules, it's not working,

It certainly does work.

>> the connections show in /proc/net/ip_conntrack

Of course - because you only disabled it for new packets. Old CTs live on until they are cleared.

>> can anyone tell how to disable connection tracking completely,
>>
>> please help me man

["yo man" this ain't the hood, ya dig.]

>Unload the module.

That won't work if it is locked by iptables rules, though.
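
An added example, not part of the original thread: a small check that reads an `iptables-save -t raw` dump and reports whether both PREROUTING and OUTPUT carry an unconditional notrack rule, in either the `NOTRACK` or the `CT --notrack` form quoted above. The function names and the sample ruleset are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): audit a raw-table dump read on stdin.

# Prints "complete" when PREROUTING and OUTPUT both bypass conntrack for
# every packet, otherwise "missing: <chains>". Returns non-zero if incomplete.
notrack_coverage() {
    awk '
        # Only a rule with no match options covers all traffic in its chain.
        $1 == "-A" && NF == 4 && $3 == "-j" && $4 == "NOTRACK" { seen[$2] = 1 }
        $1 == "-A" && NF == 5 && $3 == "-j" && $4 == "CT" && $5 == "--notrack" { seen[$2] = 1 }
        END {
            missing = ""
            if (!("PREROUTING" in seen)) missing = missing " PREROUTING"
            if (!("OUTPUT" in seen))     missing = missing " OUTPUT"
            if (missing == "") { print "complete"; exit 0 }
            print "missing:" missing
            exit 1
        }'
}

# Constructed sample: forwarded and inbound traffic is untracked, but locally
# generated traffic is only exempted for DNS, so OUTPUT still creates entries.
sample_ruleset() {
    cat <<'EOF'
*raw
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -j NOTRACK
-A OUTPUT -p udp -m udp --dport 53 -j NOTRACK
COMMIT
EOF
}

# Live use (as root): iptables-save -t raw | notrack_coverage
# Entries created before the rules were loaded remain listed until they
# expire or the table is flushed (conntrack -F from conntrack-tools).
sample_ruleset | notrack_coverage || true
```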