Sorry, a bit late replying to this but just wanted to add my thoughts. > I think so, there are many old matches that are stables and I have to > apply many times when I update the kernel. If they where into kernel and > iptables (because they are now not as experimental than many months/years > ago) these problem when new kernel releases and/or iptables releases > disapears very quickly. > > I have a great headache now, I had to patch my kernel, patch iptables, > update iproute to allow "mark-and" operations for routing. Yes, I can > adapt many thinks and forgot many routing/filtering functionality, but > then, my linux box will be useless for the purposes I deploy it. > > I have no problem in patch and upgrade thinks, my problem is that I have > no time to do all these steps every any important bug, improvement is > released. I would also like to see as many of the POM included in the stable kernel. It's a bit of a headache to patch in what I want each time I update the kernel, and on a fresh system I have to install CURL just to update POM just to add connlimit to the kernel... It's also a bit of a problem because I am looking to hand my server over to professional support. I've got to explain to them that if they ever update the kernel that it will need patching. If they don't, or forget, then it will significantly affect the system's performance in the particular situation. Finally, I can't help but think it puts off newcomers. Although fairly simple when you know what you're doing, when someone comes from a point-and-click windows background it is incredibly complicated! The two I would like to see in the main kernel are connlimit (stable for a few years?) and ipset. Regards, Andy Beverley _______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
