commit | 5d0aa2ccd4699a01cfdf14886191c249d7b45a01 | [log] [tgz] |
---|---|---|
author | Patrick McHardy <kaber@trash.net> | Mon Feb 15 18:13:33 2010 +0100 |
committer | Patrick McHardy <kaber@trash.net> | Mon Feb 15 18:13:33 2010 +0100 |
tree | 6ea81b5eede26bd6a04bcc3cd79770c334139381 | |
parent | 8fea97ec1772bbf553d89187340ef624d548e115 [diff] |
netfilter: nf_conntrack: add support for "conntrack zones" Normally, each connection needs a unique identity. Conntrack zones allow to specify a numerical zone using the CT target, connections in different zones can use the same identity. Example: iptables -t raw -A PREROUTING -i veth0 -j CT --zone 1 iptables -t raw -A OUTPUT -o veth1 -j CT --zone 1 Signed-off-by: Patrick McHardy <kaber@trash.net>