Hi, On Apr 11 2007 18:33, Patrick McHardy wrote: > >The question whether to merge the time module came up repeatedely >at netfilter workshops, but it was always decided against it so far, >mainly because it apparently can't deal with timezones and daylight >saving time. Why, let iptables, or more precisely, ipt_time.c, handle timezones, and pass an UTC value to the kernel -- that's what it is best at dealing with. >IIRC Harald had strong feelings about it, I personally >don't care much about this shortcoming as long as its documented. >I'm not even sure its correct since the kernel has sys_tz. So if >anyone finds out and submits a patch, I'll consider it. > >> Though that leaves me puzzled why connlimit has not gone in yet >> (it all simplifies maintenance so much IMO). BTW, how about it? > >As I stated multiple times, the reason why its not included is that >its horribly slow. But since I don't see any better way to do this >and I know quite a few people are using this, I would consider this >as well if someone sends me a patch, which has not happened so far. So it's just that I need to pull the pomng code and make a diff out of it, is that all? (Plus any compilation and perhaps runtime fixes, of course.) Jan --
