On Mon, 17 Dec 2012 07:30:41 -0500 Jamal Hadi Salim <jhs@xxxxxxxxxxxx> wrote: > On 12-12-16 03:41 PM, Jamal Hadi Salim wrote: > > > > There is an "intermediate solution" from Hasan which doesnt require > > the kernel change. It changes the kernel endpoint to "ipt". I am > > conflicted because it is a quick hack while otoh forcing people to > > upgrade kernel is a usability issue. > > > > > Attached. Author is Hasan - I didnt sign it because i am looking for > feedback and i find it distasteful but it solves the problem. > This is needed until we have a proper fix in the kernel propagated. > Once that kernel change is ubiquitous this change is noise and a > maintanance pain. I am making it hard to even turn it on > (i.e someone knowledgeable will have to compile with CONFIG_XT_HACK) > > cheers, > jamal > > Maybe xtables should have stable API/ABI and use shim routines there? -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
