On 8 Apr 2003, Cedric Blancher wrote: > Le mar 08/04/2003 à 14:23, Robert P. J. Day a écrit : > > it would make far more sense to have a list of menu options > > that reflects what a user would want to *do*, and have the > > underlying dependencies kept invisible. a more readable menu > > like: > > > > Basic filtering > > Connection tracking > > NAT > > Packet mangling > > This does not reflect reality. Connection tracking does not depend on > basic filtering. It's even completly independent form it. It does not > depend on NAT either. sorry, i didn't mean it that way -- just suggesting that, if one selects to do basic filtering, a sub-option of "connection tracking" means that they want to do *additional* filtering. but there would still have to be a top-level connection tracking option. this just gets messy with these interdependencies. yuck. > > gotcha. if you want masq/NAT, you would have to select > > not only Connection tracking, but IPtables support and, > > within that, "Full NAT". and that's why i dislike the current > > menu layout. it would be more reasonable for someone to say, > > "i want NAT", and have the underlying dependencies automatically > > satisfied. > > I see your point. But I do think connection tracking has to appear as a > independent choice. i agree. see above. i'll give all of this more thought, and peruse the actual code more carefully to see how all of this ties together. rday
