doc: remove reference to the CT target

Sorry, the iptables CT target is not yet ready for use until some
patches are pushed to the Linux kernel.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

1 files changed, 0 insertions, 23 deletions

diff --git a/doc/manual/conntrack-tools.tmpl b/doc/manual/conntrack-tools.tmpl
index 8a4e15d..affeb66 100644
--- a/doc/manual/conntrack-tools.tmpl
+++ b/doc/manual/conntrack-tools.tmpl
@@ -592,29 +592,6 @@ Sync {
 
 </sect3>
 
-<sect3 id="sync-iptables-filtering">
-<title>Filtering Connection tracking events with iptables</title>
-
- <para>Since Linux kernel &gt;= 2.6.34, iptables provides the
- <emphasis>CT</emphasis> iptables target that allows to reduce the
- amount of Connection Tracking events that are delivered to user-space.
- The following example shows how to only generate the
- <emphasis>assured</emphasis> event:</para>
-
- <programlisting>
- # iptables -I PREROUTING -t raw -j CT --ctevents assured
- </programlisting>
-
- <note><title>Assured flows</title>
- <para>One flow is assured if the firewall has seen traffic for it in
- both directions.</para>
- </note>
-
- <para>Reducing the amount of events generated helps to reduce CPU
- consumption in the active firewall.</para>
-
-</sect3>
-
 </sect2>
 
 <sect2 id="sync-trouble"><title>Troubleshooting</title>