Hi, On Thu, 24 Jan 2008, Laszlo Attila Toth wrote: > Set the default policy of INPUT/FORWARD/OUTPUT chains of IPv4/IPv6 filter > tables to DROP or ACCEPT in kernel configuration. It can be override by > a module parameter (defaultdrop for IPv4 and defaultdropv6 for IPv6). The best practice is to load in the rules before bringing up the interfaces. So what would be the real benefit from the patch? Best regards, Jozsef - E-mail : kadlec@xxxxxxxxxxxxxxxxx, kadlec@xxxxxxxxxxxxxxx PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt Address : KFKI Research Institute for Particle and Nuclear Physics H-1525 Budapest 114, POB. 49, Hungary - To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
