Re: randomly SNATed devices after reboot


On Fri, 16 May 2014, Pascal Hambourg wrote:

> Ethy H. Brito wrote:
> > This is what I see, please correct me if I'm wrong:
> > 	1) IP stack is in place during boot 
> > 	2) network parameters are configured (ip addrs, routes, etc)
> > 	3) nf modules are loaded (/etc/modules.d??)
> > 	4) conntrack modules are loaded (also /etc/modules.d)
> > 	5) user scripts are loaded (iptables snat or FORWARD rules included)
> 
> The order is sysadmin-dependent. You decide. My iptables initscript is
> run before the network is configured and activated.

And if you are unable for whatever reasons to do it correctly you can 
use the "conntrack" tool after iptables rule setup to flush/delete all 
conntrack connections existing at that time.

c'ya
sven-haegar

-- 
Three may keep a secret, if two of them are dead.
- Ben F.
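
An added example, not part of the original message: a narrower alternative to flushing the whole table, which lists the internal hosts that still own conntrack entries created before the SNAT rule was in place (reply-direction `dst` still equal to the original `src`). The `192.168.1.` prefix, the sample lines and the function names are constructed for illustration; the input is assumed to be in the format printed by `conntrack -L`.

```shell
#!/bin/sh
# An entry that was never SNATed keeps the private address in its reply tuple:
# the second dst= on the line equals the first src=.

# Assumption: internal hosts share this textual prefix (constructed value).
LAN_PREFIX="${LAN_PREFIX:-192.168.1.}"

# Read `conntrack -L` style lines on stdin and print each internal source
# address that owns at least one un-NATed entry (one address per line).
unnatted_sources() {
    awk -v lan="$LAN_PREFIX" '
    {
        osrc = ""; rdst = ""; nsrc = 0; ndst = 0
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^src=/) { nsrc++; if (nsrc == 1) osrc = substr($i, 5) }
            if ($i ~ /^dst=/) { ndst++; if (ndst == 2) rdst = substr($i, 5) }
        }
        # Internal host whose reply tuple still points at the private address
        if (osrc != "" && index(osrc, lan) == 1 && rdst == osrc && !(osrc in seen)) {
            seen[osrc] = 1
            print osrc
        }
    }'
}

# Constructed sample table: one SNATed flow, two stale flows from the same
# host, and one flow that originates outside the LAN prefix.
sample_table() {
    cat <<'EOF'
tcp      6 431990 ESTABLISHED src=192.168.1.10 dst=198.51.100.7 sport=40112 dport=443 src=198.51.100.7 dst=203.0.113.5 sport=443 dport=40112 [ASSURED] mark=0 use=1
udp      17 25 src=192.168.1.23 dst=198.51.100.53 sport=5353 dport=53 src=198.51.100.53 dst=192.168.1.23 sport=53 dport=5353 mark=0 use=1
tcp      6 300 ESTABLISHED src=192.168.1.23 dst=198.51.100.7 sport=51000 dport=80 src=198.51.100.7 dst=192.168.1.23 sport=80 dport=51000 [ASSURED] mark=0 use=1
tcp      6 120 ESTABLISHED src=203.0.113.5 dst=198.51.100.9 sport=22000 dport=22 src=198.51.100.9 dst=203.0.113.5 sport=22 dport=22000 [ASSURED] mark=0 use=1
EOF
}

# Print, without running, one delete command per affected source. Deleting by
# original source drops all of that host's entries; new packets then create
# fresh entries that traverse the nat table with the SNAT rule present.
cleanup_commands() {
    unnatted_sources | while read -r ip; do
        echo "conntrack -D -s $ip"
    done
}

# Dry run on the constructed sample. On a live router, after the iptables
# rules are loaded:  conntrack -L 2>/dev/null | cleanup_commands
sample_table | cleanup_commands
```

`conntrack -F` after rule setup remains the simpler option when dropping every tracked connection is acceptable.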
