Re: [PATCH v2.1] conntrack: add /proc entry to disable helper by default

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


On Thu, Apr 12, 2012 at 06:06:11PM +0200, Eric Leblond wrote:
> Hello,
> 
> On Thu, 2012-04-12 at 17:26 +0200, Pablo Neira Ayuso wrote:
> > Hi Eric,
> > 
> > On Wed, Mar 28, 2012 at 03:19:50PM +0200, Eric Leblond wrote:
> > > This patch gives the user different methods to disable
> > > the attachment of helper to all connections on a given
> > > port. The idea is to allow the user to choose with the CT target
> > > the helper assignement he wants to have.
> > > 
> > > First method it to use the 'nf_conntrack_helper' option on the
> > > nf_conntrack module and set it to 0. As this is a constraint to do
> > > this at the time of the loading, a /proc entry is also available.
> > > Setting sys/net/netfilter/nf_conntrack_auto_assign_helper to 0 will
> > > disable the automatic assignement of the helper.
> > 
> > I have modified your patch a bit, please find the one I plan to apply
> > enclosed to this email.
> > 
> > I have also heavily rewritten the description. I decided to keep you
> > as author, if you're OK with it.
> 
> OK for authoring. I really like more the new description :)

I have enqueued this patch for net-next with some minor modification:
I've made the notice that is spotted one per-net aware.

I still have to extend the Netfilter news talking about the
deprecation, I'll try to make it tomorrow.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]     [Photo]

Powered by Linux