conntrack and conntrack ? i'm assuming this is a typo? so, even some kind of odd udp reply will still be the same connection if it's within 30seconds? so, i can use connmark on not just TCP, but on all protocols? Regards, Maarten Op dinsdag 23 september 2014 20:41:08 schreef Eliezer Croitoru: > Hey Maarten, > > As long as I remember conntrack and conntrack are working together. > Which means that udp traffic will be distinguished the same way as TCP > as long the connection tracking categorized it under the same connection > stream. > (I think for unestablished connection 30 secs and more for an > "established" one) > > Eliezer > > On 09/23/2014 03:46 PM, Maarten wrote: > > Hi, > > > > until now, i've done multiple ISPs with nexthop default route, 2 extra > > tables, ip rule and TCP connmark. > > > > but, how does this involve UDP traffic... > > > > if for example i have in my NAT LAN an NTP server, how would i get the udp > > packet out the same interface where it was originally coming in from? > > > > please advise... > > > > Maarten -- BA NV IT & Security -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
