On Mon, 22 Oct 2001, Matthew G. Marsh wrote:
> The one point of friction - which is what I refer to when I speak of
> incompatibility in the context of this thread - is that NetFilter
> conntrack, an external module to the kernel, "breaks" the RPDB sections
> that allow FastNAT. This is not a bad thing due to the fact that conntrack
> provides stateful inspection by reason of providing the notion of
> "Connection" as a variable to the packet filtering engine (NetFilter).
> Indeed I use both types of NAT in different situations depending on the
> job I wish to get done. Neither one is a panacea for all NAT.
How do you activate FastNAT? How do you activate
SlowNAT/conntrack/NetFilter? Is it that 'RELATED' keyword
that I've seen in a couple of places? I've been looking at
http://netfilter.samba.org/unreliable-guides/
for my iptables needs; is there a better place?
--
N Fudd -- nfudd@xxxxxxxxxxxx
Laundry instructions on a shirt made by HEET (Korea):
For best results:
Wash in cold water separately, hang dry and iron with warm iron.
For not so good results:
Drag behind car through puddles, blow-dry on roofrack.
|