Hi, On Mon, 30 Jun 2008, Patrick McHardy wrote: > History has repeatedly shown that out of tree patches are buggy > and cause more problems than they solve, which is why there > is no interest from the netfilter team in maintaining external > patches (with the one exception of ipset, which is not considered > ready for upstream yet by Jozsef, its author). The reason why I haven't been considering ipset ready for kernel inclusion is actually simple: the current ipset framework is not flexible enough due to the rigid kernel<->userspace communication method and it does not support IPv6 at all. As I had expected to be ready with the next generation of ipset (codename nfset) more soon, I have been refraining to submit ipset for kernel inclusion. nfset is finally getting shape, by the end of summer it'll be released. So the reason not to submit ipset is stronger than ever. In order to make life easier, as I apply the patches sent by Swen, there'll be a new, "standalone" version of ipset, i.e. it'll be possible to use it without patch-o-matic-ng. Best regards, Jozsef - E-mail : kadlec@xxxxxxxxxxxxxxxxx, kadlec@xxxxxxxxxxxx PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt Address : KFKI Research Institute for Particle and Nuclear Physics H-1525 Budapest 114, POB. 49, Hungary -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
