[prev in list] [next in list] [prev in thread] [next in thread] 

List:       netfilter-devel
Subject:    Re: can expectations be marked persistent, so they can match
From:       Sam Roberts <vieuxtech () gmail ! com>
Date:       2011-03-29 18:54:15
Message-ID: AANLkTinP8AMGwmyX7WxCrXTLNZcc_4ofAO7_D+ASkvu_ () mail ! gmail ! com
[Download RAW message or body]

On Mon, Mar 28, 2011 at 4:27 AM, Patrick McHardy <kaber@trash.net> wrote:
> On 24.03.2011 18:43, Sam Roberts wrote:
>> I'm writing a userspace conntrack, using nfqueue and conntrack.

>> However, unlike ftp, the negotiated ephemeral port is used by multiple
>> simultaneous tcp connections for some period. I'd like the expectation
>> to be kept in place until it times out, even when its matched.

> You should be able to use NF_CT_EXPECT_PERMANENT.

Yes, that works perfectly. Thank you.

Sam
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[prev in list] [next in list] [prev in thread] [next in thread]