On Wednesday 2010-03-24 16:02, Patrick McHardy wrote: >Jan Engelhardt wrote: >> xt_conntrack has been provided since v2.5.32. >> > >I'm fine with the removal of old revisions, but how are you planning on >informing users about removal of this module? Most people don't read >feature-removal-schedule, and distributions are unable to help with >user written scripts. I would suggest to do the same as we did with disallowing DROP in the nat table: - a message printed by iptables whenever -m state is used - a kernel message whenever whenever a rule with xt_state is created We did not actually do the kernel side with nat-prohibit-DROP, but I regard it as very useful, as the community was very much able to help itself if only they got the word - and it turned out that dmesg is _the_ place people look in especially when they don't supervise iptables output directly, as with, for example, boot splash where messages are hidden, or server/router devices that one tends to forget about. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
