On Thu, May 22, 2008 at 10:18:25PM +0200, Patrick McHardy wrote: > Not implemented yet, but I'm probably going to add this as an option > (since it may affect the choice of data structure). For jumps its > tricky though because loop detection has to be performed. I don't see why this always has to be performed. There so many ways to break your system when you're root, so being required to define a loop free rule sets after specifying some kind of "yes I really want to"- option should be that much of a burden. As far as I understand the code, the loop checking at the moment is done in userspace, so nobody stops you from simply removing that part from the iptables code. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
