What happens to the new /nf(s)_conntrack
If anything, secmark=x be removed. Abusing procfs is deprecated.
No userspace program depends on it.
I've just read the above again. Are you actually suggesting that no
program in userspace uses /proc/net/nf_conntrack? If so, you are
mistaken my friend!
I use it a lot via 'cat' and Shorewall (via 'shorewall show
connections'). I use it for one particular reason - to track SELinux
contexts (text, NOT numbers!) on active connections.
So, am I going to see the SELinux context for each connection in text
without the need to use conntrack-utils or not (simple 'yes' or 'no'
answer will do)?
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html