On Thu, May 22, 2008 at 10:51:59PM +0200, Patrick McHardy wrote: > No, its done in the kernel. I also don't buy this argument. Oh yes, mark_source_chains, sorry > Sure, you can wreck your system if you really want to, but > it should be prevented to do so accidentally. Additionally, > if you consider setups with limited root powers, this becomes > a serious bug. Well if you can't wreck your system this way now, creating such a possibility wouldn't be so good... agreed. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
