1The CT target allows to set parameters for a packet or its associated 2connection. The target attaches a "template" connection tracking entry to 3the packet, which is then used by the conntrack core when initializing 4a new ct entry. This target is thus only valid in the "raw" table. 5.TP 6\fB\-\-notrack\fP 7Disables connection tracking for this packet. 8.TP 9\fB\-\-helper\fP \fIname\fP 10Use the helper identified by \fIname\fP for the connection. This is more 11flexible than loading the conntrack helper modules with preset ports. 12.TP 13\fB\-\-ctevents\fP \fIevent\fP[\fB,\fP...] 14Only generate the specified conntrack events for this connection. Possible 15event types are: \fBnew\fP, \fBrelated\fP, \fBdestroy\fP, \fBreply\fP, 16\fBassured\fP, \fBprotoinfo\fP, \fBhelper\fP, \fBmark\fP (this refers to 17the ctmark, not nfmark), \fBnatseqinfo\fP, \fBsecmark\fP (ctsecmark). 18.TP 19\fB\-\-expevents\fP \fIevent\fP[\fB,\fP...] 20Only generate the specified expectation events for this connection. 21Possible event types are: \fBnew\fP. 22.TP 23\fB\-\-zone\fP \fIid\fP 24Assign this packet to zone \fIid\fP and only have lookups done in that zone. 25By default, packets have zone 0. 26.TP 27\fB\-\-timeout\fP \fIname\fP 28Use the timeout policy identified by \fIname\fP for the connection. This is 29provides more flexible timeout policy definition than global timeout values 30available at /proc/sys/net/netfilter/nf_conntrack_*_timeout_*. 31