Snippets Groups Projects

Commit 5d0aa2cc authored 15 years ago by Patrick McHardy

netfilter: nf_conntrack: add support for "conntrack zones"


Normally, each connection needs a unique identity. Conntrack zones allow
to specify a numerical zone using the CT target, connections in different
zones can use the same identity.

Example:

iptables -t raw -A PREROUTING -i veth0 -j CT --zone 1
iptables -t raw -A OUTPUT -o veth1 -j CT --zone 1

Signed-off-by: Patrick McHardy <kaber@trash.net>

parent 8fea97ec

No related branches found

No related tags found

Hide whitespace changes

Inline Side-by-side

Showing with 210 additions and 76 deletions

Vikram Narayanan @vikram
Mentioned in commit 4b31814d
· 8 years ago

Mentioned in commit 4b31814d

Mentioned in commit 4b31814d20cbe5cd4ccf18089751e77a04afe4f2

Toggle commit list

Please register or to comment