Krzysztof Oledzki wrote:
>> That is what it currently does, are you observing a different behaviour?
>
> Unfortunately :(
>
>> # conntrack -D --orig-src 1.1.1.1 --orig-dst 2.2.2.2 -p tcp
>> --orig-port-src 2005 --orig-port-dst 21
>> NFNETLINK answers: No such file or directory
>> Operation failed: such conntrack doesn't exist
>
> # conntrack -L -i|grep 192.168.130.123
> udp 17 20 src=192.168.0.33 dst=192.168.130.123 sport=123 dport=123
> packets=1 bytes=76 src=192.168.130.123 dst=192.168.0.33 sport=123
> dport=123 packets=1 bytes=76 mark=0 use=1 id=13157
>
> root@olemx:~# conntrack -D --orig-src 192.168.0.33 --orig-dst
> 192.168.130.123 -p udp --orig-port-src 123 --orig-port-dst 123 -i 90909

Fixed in SVN.

> # conntrack -L -i|grep 192.168.130.123
> (empty)
>
> # conntrack -D --orig-src 192.168.0.33 --orig-dst 192.168.130.123 -p udp
> --orig-port-src 123 --orig-port-dst 123 -i 90909
> NFNETLINK answers: No such file or directory
> Operation failed: sorry, you must be root or get CAP_NET_ADMIN
> capability to do this

This error message is related to libnfnetlink; give the attached patch a try. It fixes it. I'll pass it to Harald.

--
Pablo