On Mon, Aug 04, 2008 at 06:57:21PM +0200, Patrick McHardy wrote: > Well, first thought is the usual fear of breaking setups. If they are doing this, their setup is _already_ broken. This will fix it ;-) > But I do agree that this makes sense, we've had a number > of "bugreports" over the years from people how tried to > do filtering in the nat table and didn't realize it only > sees the first packet of a connection. > > Not sure - anyone else with an opinion? :) +1 Phil -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
