Hi, On Friday, 2008 September 12 at 0:35:10 +0200, Pablo Neira Ayuso wrote: > Eric Leblond wrote: > > Hello, > > > > On Thursday, 2008 September 11 at 23:56:57 +0200, Pablo Neira Ayuso wrote: > >> Eric Leblond wrote: > >>> This patch modifies the build system behaviour to be able to compile > >>> ulogd on system without recent release of libnetfilter library. If > >>> a library is absent or too old, it will simply not compile the concerned > >>> input module. > >> I don't see any gain from this patch. We had this sort of conditional > >> compilation in iptables - that we finally removed - and it was source of > >> user-side problems. > > > > Hmm, even if you think autodetection is a mistake, it is useful to > > be able to compile ulogd on system where NFLOG or NFCT is not installed > > or not usable (too old kernel). > > We're having this discussion over and over again :), ulogd is intended > for new systems. The ULOG target support should be legacy. You know how > limited the ULOG target is, and how many headache gives to add new > features to it ;) Yes :). I was not thinking about maintaining ULOG support when doing the work for this patch. > > What do you think about a --without flag to be able to manually disable > > the compilation ? > > Well, I'd prefer that but, sincerely, your obsession with legacy systems > go really that far. Not as far as Harald's one who put this feature in the TODO list ;) But, my point was not really intendend to address legacy systems. I just want to have something clean for people who for example want only to use NFLOG. That will be stupid for them to compile and install libnetfilter_conntrack on their system and not to use it. BR, -- Eric Leblond INL: http://www.inl.fr/ NuFW: http://www.nufw.org/
Attachment:
signature.asc
Description: Digital signature
