On Fri, Apr 28, 2017 at 04:58:01PM +0200, Pablo Neira Ayuso wrote: > On Fri, Apr 28, 2017 at 11:02:53AM +0200, Arturo Borrero Gonzalez wrote: > > On 28 April 2017 at 10:28, Phil Sutter <phil@xxxxxx> wrote: > [...] > > > Ah, thanks for the pointer! I tend to ignore anything that's not in the > > > man page. :) > > > > Well, I guess adding more info to the man page won't hurt. > > > > Things I would add: > > * some bits about NAT chains configuration (this issue) > > * info about base chains priorities > > * some bits about atomic operations > > Either we update the existing documentation (manpage and wiki) as > Arturo suggest or we add some sort of transparent automatic NAT chain > registration in the kernel. I had considered that already, but didn't see an easy way to do it in kernel space. Also, in order to do it properly, one would have to remove it again if it's counterpart is removed, which further complicates things. Hence my poor man's approach of just warning about it. For the time being, I'll add a note to the man page pointing this out. If it will become unnecessary in the future, it can still be removed. Cheers, Phil > -- > To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in > the body of a message to majordomo@xxxxxxxxxxxxxxx > More majordomo info at http://vger.kernel.org/majordomo-info.html -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
