Hi Pablo,

I found that some netfilter protos' sysctl files are not isolated, such as nf_conntrack_max, nf_conntrack_udp_timeout...

Is this an unimplemented feature? Why do we make nf_conntrack_checksum, nf_conntrack_log_invalid... per-netnamespace, and leave nf_conntrack_max?