1 The CT target allows to set parameters for a packet or its associated 2 connection. The target attaches a "template" connection tracking entry to 3 the packet, which is then used by the conntrack core when initializing 4 a new ct entry. This target is thus only valid in the "raw" table. 5 .TP 6 \fB\-\-notrack\fP 7 Disables connection tracking for this packet. 8 .TP 9 \fB\-\-helper\fP \fIname\fP 10 Use the helper identified by \fIname\fP for the connection. This is more 11 flexible than loading the conntrack helper modules with preset ports. 12 .TP 13 \fB\-\-ctevents\fP \fIevent\fP[\fB,\fP...] 14 Only generate the specified conntrack events for this connection. Possible 15 event types are: \fBnew\fP, \fBrelated\fP, \fBdestroy\fP, \fBreply\fP, 16 \fBassured\fP, \fBprotoinfo\fP, \fBhelper\fP, \fBmark\fP (this refers to 17 the ctmark, not nfmark), \fBnatseqinfo\fP, \fBsecmark\fP (ctsecmark). 18 .TP 19 \fB\-\-expevents\fP \fIevent\fP[\fB,\fP...] 20 Only generate the specified expectation events for this connection. 21 Possible event types are: \fBnew\fP. 22 .TP 23 \fB\-\-zone\fP \fIid\fP 24 Assign this packet to zone \fIid\fP and only have lookups done in that zone. 25 By default, packets have zone 0. 26 .TP 27 \fB\-\-timeout\fP \fIname\fP 28 Use the timeout policy identified by \fIname\fP for the connection. This is 29 provides more flexible timeout policy definition than global timeout values 30 available at /proc/sys/net/netfilter/nf_conntrack_*_timeout_*. 31