Pablo Neira Ayuso wrote:
: The only problem that I see is that your patch relaxes the current
: checking that we're doing. I mean, for every packet in one direction we
: only accept one ICMP reply packet. With your patch, we can accept more
: than one packet in the reply direction.

I think it is perfectly legal, as we _want_ to see the duplicates,
if there are any.

-Yenya

--
| Jan "Yenya" Kasprzak <kas at {fi.muni.cz - work | yenya.net - private}> |
| GPG: ID 1024/D3498839 Fingerprint 0D99A7FB206605D7 8B35FCDE05B18A5E |
| http://www.fi.muni.cz/~kas/ Journal: http://www.fi.muni.cz/~kas/blog/ |
>> If we wanted to trade simplicity and kewl design for usability I think <<
>> we all know the URL of the Apple Store. --jmorris42 @LWN <<