From: Jonathan Morton <[email protected]> Date: Wed, 23 May 2018 23:33:04 +0300
> Now I'm *really* confused. > > Are you saying that the user has to set up their own conntrack > mechanism using extra userspace commands? Because complicating the > setup process that way runs directly counter to Cake's design > philosophy. I mean not anything filtering or firewall related. We have a full flow dissector in the networking core, which often runs on every RX packet anyways. Record what we need and use it on egress after NAT has occurred.
