Mike Kasick <mkasick-nf@xxxxxxxxxxxxxxx> writes: > iptables -A OUTPUT -o eth1 -m statistic --mode random --probability 0.5 -j DROP > > has the side effect of returning EPERM for write/send syscalls for which > packets are dropped. It would make more sense if DROP dropped silently and REJECT returned EPERM. Hard to fix now, of course. /Benny - To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
