On Sat, May 14, 2005 at 10:02:52AM +0300, Georgi Alexandrov wrote: > Jason Opperisano wrote: > > >On Wed, May 11, 2005 at 03:30:16PM -0400, Pete Toscano wrote: > > > > > >>Freaky. My output is the same as yours with the exception of the 1.2.11 > >>string. > >> > >>recent v1.2.11 options: > >><snip same stuff that you have> > >>ipt_recent v0.3.1: Stephen Frost <sfrost@xxxxxxxxxxx>. > >>http://snowman.net/projects/ipt_recent/ > >> > >>I'm a little confused about the difference between "recent v1.2.11" and > >>"ipt_recent v0.3.1" Is one a kernel component and the other the > >>userspace part? > >> > >> > > > >yes, ipt_recent == kernel module. the 1.2.11 is the version of the > >iptables userspace utility. > > > > > > > >>I'm also a little confused about p-o-m. Is this something I can apply > >>without recompiling my (modular) kernel? > >> > >> > > > >no. > > > > > I don't agree Jason. You can compile only the needed modules. that's a *very* dangerous piece of advice. i'm sure you can find examples of PoM modules that are completely self-contained code that you can just compile as a module and copy into your /lib/modules/`uname -r` tree. hell--'recent' may even be an example of such a module. general advice; however, is that if you add patches from PoM, you recompile both your kernel and your iptables userspace. this is true for more patches in PoM than it is untrue for. i (for one), prefer not to have a rash of ppl follow this ill advice and start posting messages of why none of their nat rules will apply any more. my 2c...from experience...and from trying to support the inexperienced... -j -- "Peter: You all know how observant I am. TV Announcer: And now back to Star Trek. Peter: Holy crap. Uhura's black?" --Family Guy
