On Thursday 2011-02-03 17:08, Pablo Neira Ayuso wrote: >>> Hm, this is actually not straight forward to implement, you'll have to >>> use hook functions to avoid the module dependencies with conntrack and >>> that's pretty annoying. >>> >>> I don't come up with a good solution for this. >> >> If it loads conntrack always, there is the option to shovel it >> into xt_connmark.c. > >the problem is that Hans wants this not to depend on conntrack always. Well you porbably won't get around the nf_conntrack module dependency, but conntrack can still be disabled through CT --notrack if one does not like the runtime cost. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
