> >> >to be honest I wonder why they sort of seem to duplicate firewall rules, > >> >and aren't using the firewall engine which provides hooks in all the > >> >right places... > >> > >>That's a very good question. I'll try to an answer on that. > > >... > > I was told the module is built this way so that it can work even if > netfilter support has been removed from the kernel. I don't know whether > it's a valid concern or not. that sounds really lame to me to be honest. If a user wants network security surely he'll enable netfilter... (and all distros do) -- Kernelnewbies: Help each other learn about the Linux kernel. Archive: http://mail.nl.linux.org/kernelnewbies/ FAQ: http://kernelnewbies.org/faq/
