On Sat, 25 Aug 2012, Andre Tomt wrote:
On 25. aug. 2012 02:58, Andre Tomt wrote:
On 09. aug. 2012 22:08, kaber@xxxxxxxxx wrote:
The following patches contain an updated version of IPv6 NAT against
Linus' current tree.
Hmmm. Looking in my crystal ball (hi #ipv6!), I predict that if this
lands in mainline - and thus in consumer CPE/routers eventually - many
ISP's will have little incentive to actually implement assigning of
blocks to their consumer users like they "have to" today.
We have this wonderful chance of fixing a major problem with todays
internet, but now we are going down this very slippery slope.
I do need this code for a experimental project myself, and acknowledge
there may be some valid use cases, but I do not like the global
implications one bit.
At least some big fat warnings please?
Clarification: This is about the NAT66 port-based 1:n NAT targets.
We can certainly add a warning to the Kconfig text or (better) the
iptables manpage. But only a very small percentage of people who
might end up (unknowingly) using this will ever see them.
Feel free to send a patch though.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
