On Friday 2009-06-05 13:54, Patrick McHardy wrote: >> + >> + if (optsize > sizeof(opts)) >> + optsize = sizeof(opts); > > How can this happen? The doff field can only represent up to 40 > bytes of option length. Forged packets? >> + printk(KERN_INFO "Started passive OS fingerprint matching module.\n"); > > Please no messages on successful module load. Or at least > not when statically built, but preferrably not at all. By that logic should not the messages-on-load for netfilter be removed? ;-) -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html