Jan Engelhardt schrieb: > It kinda brings me the question why the ipsec transformation is > not done with an xtables target instead; that would also give > handy access to connection tracking if needed. And simplify firewalling A LOT :-) BTW: Anybody has a working ipsec match these days or is this known broken? Best regards Ingo Oeser -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
