On Friday 2010-09-24 00:30, Mr Dash Four wrote: >>> I am merely suggesting a fix for what should have been released in >>> the first place by correcting the value of secmark to show the >>> proper context instead of a number which means absolutely nothing to >>> anyone. >>> >> >> Exactly. Since the number is useless to most people, the procfs file >> practically never had the feature "display useful secmark". Which >> means that changing it is a feature addition rather than a bugfix. >> > Actually, no! The last time I checked this field was named secmark, not > secnumber! By its very name, secmark should have been displaying ... well ... > the secmark of that particular connection! In a way, it did display the secmark. :-) Just like ipt_LOG prints nfmark or IP addresses. The values may not mean much to the outside world, but that's what we have DNS and selctx (James's original naming) for. >What I cannot understand is this - why are you so stuck up on this >not getting corrected - are you afraid that if the secmark field bug >is fixed your precious conntrack-utils won't have as much appeal? It is not "my" conntrack-utils by any means. If users would not constantly insist on using outdated interfaces (and I _do_ grant things their transition time), and if maintainers would not always give in to these users, we would have less code to worry about, or even have these discussions. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html