diff -urNX dontdiff linux-2.4.33-wt3.natdel.orig/net/ipv4/netfilter/ip_conntrack_proto_tcp.c linux-2.4.33-wt3.natdel/net/ipv4/netfilter/ip_conntrack_proto_tcp.c
--- linux-2.4.33-wt3.natdel.orig/net/ipv4/netfilter/ip_conntrack_proto_tcp.c	Sun Nov 12 20:53:34 2006
+++ linux-2.4.33-wt3.natdel/net/ipv4/netfilter/ip_conntrack_proto_tcp.c	Sun Nov 12 21:34:11 2006
@@ -920,7 +920,7 @@
 #if defined(CONFIG_IP_NF_TPROXY) || defined (CONFIG_IP_NF_TPROXY_MODULE)
 	case TCP_CONNTRACK_TIME_WAIT:
 		/* Set MAY_DELETE if NAT subsystem may drop connection when it is clashing */
-		if (test_bit(IPS_TPROXY_BIT, &conntrack->status)) {
+		if (!test_bit(IPS_MAY_DELETE_BIT, &conntrack->status)) {
 			DEBUGP(KERN_DEBUG "Marking TPROXY-related TIME_WAIT conntrack entry MAY_DELETE\n");
 			set_bit(IPS_MAY_DELETE_BIT, &conntrack->status);
 		}