You can try to use the RAW table. For example: iptables -t raw -A PREROUTING -p tcp --dport 22 -j DROP 2012/9/14 Sladjan Ri <sladjanri@xxxxxxxxx>: > Hi, > > I read that the notrack target could be used to save performance. Is > it really possible to exclude for example packets to a specific port > from being tracked? How could the target know where the packet would > go, if the target has to be used in "preroute", before the routing > decision? I am referring to this text: > http://security.maruhn.com/iptables-tutorial/x4772.html > Thanks! > > Regards, > Sladjan > -- > To unsubscribe from this list: send the line "unsubscribe netfilter" in > the body of a message to majordomo@xxxxxxxxxxxxxxx > More majordomo info at http://vger.kernel.org/majordomo-info.html -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
