> In the howto http://www.gentoo.org/doc/en/home-router-howto.xml, in > the setting of kernel some option marked as 's' and 'x'. I could > choose only '*' instead. Is this OK? My kernel is 2.6.11.
The '*' options are required for basic netfilter support. The iptable scripts you're using don't use any connection tracking support so they can be dropped (but if you plan on adding cxn tracking to your ipfilters it could be good to keep around). Nor are you matching on MAC address or performing REDIRECTs, so those can be dropped too. The LOG one is good to keep as you can log (debug) packets that are being dropped, so that is one I strongly suggest you keep. The 's' ones are for traffic shaping (throttling, etc.) which under the default setup you wouldn't take advantage of, so those can be dropped. -- gentoo-user@gentoo.org mailing list
