Jan Engelhardt wrote: > On Thursday 2009-03-12 16:13, Christoph Paasch wrote: > >> As NF_DROP = 0, no packets would ever have been dropped. > > Mh would not it be safer to actually give NF_DROP a real value so that > -NF_DROP also makes sense? > (Might need checking places where NF_DROP is used.) We cannot change the current value of NF_DROP. This is exposed to userspace in libnetfilter_queue. Changing the value would break backward compatibility of existing applications. -- "Los honestos son inadaptados sociales" -- Les Luthiers -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
