2.5.67 -- questions about netfilter config options

• Next message: Andrew Morton: "2.5.67-mm1"
• Previous message: Jurriaan: "cannot mount reiserfs-partition with 2.4.21-pre7 (works fine with 2.5.*)"
• Next in thread: Harald Welte: "Re: 2.5.67 -- questions about netfilter config options"
• Reply: Harald Welte: "Re: 2.5.67 -- questions about netfilter config options"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

  [while i'm discussing these things on the netfilter mailing
list, i figure at least a few folks here might be helpful.]

  i'm trying to clarify the purpose and interdependence of
the NF config options, and perhaps document them more clearly
in their associated help screens. to that end, i'm confused
by the way some options can be selected without other
options that would seem to be obvious dependencies.
to wit:

1) currently, it's possible to select the single option
   "IP tables support" without any other options *anywhere*
   in that menu. what value does this have?

   if you look down the submenu for that option, you see
   "Packet filtering", which suggests you can ask for
   "IP tables support" but still not have any ability to
   set up any filtering rules. sort of strange. it seems
   odd that you can select to support limit matches,
   TTL matches, etc., without actually having basic
   "Packet filtering" support built in. what does this
   mean?

   one possibility is that, according to the help info,
   "IP tables support" is necesasry for masq/NAT. if
   this is true, it leads into my next question ...

2) currently, it's possible to select "Connection tracking"
   without "IP tables support", even though the latter is
   listed as being essential for masq/NAT as well.

   what is the value of selecting only "Conenction tracking"
   in the entire NF config menu? that is, what does it allow
   you to do if not masq/NAT?

i guess i'm trying to clarify whether there should be more
dependencies in the underlying config structure, or it not,
what it means to select some of these options but not others.

thoughts?

rday

p.s. is there a reason that almost all of the options
are listed as "(NEW)" in the config menu? they weren't
even labelled that way in the 2.4.20 kernel. how is it
that they're suddenly "NEW" now?

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

• Next message: Andrew Morton: "2.5.67-mm1"
• Previous message: Jurriaan: "cannot mount reiserfs-partition with 2.4.21-pre7 (works fine with 2.5.*)"
• Next in thread: Harald Welte: "Re: 2.5.67 -- questions about netfilter config options"
• Reply: Harald Welte: "Re: 2.5.67 -- questions about netfilter config options"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Tue Apr 15 2003 - 22:00:15 EST