2015-04-22 14:14 GMT+02:00 Lennart Poettering <lenn...@poettering.net>: > On Wed, 22.04.15 14:09, Michael Biebl (mbi...@gmail.com) wrote: > >> 2015-04-22 13:57 GMT+02:00 Lennart Poettering <lenn...@poettering.net>: >> >> Maybe we should simply list the iptables kernel modules in >> >> src/core/kmod-setup, and then tell people to blacklist them if they >> >> really don't want them. >> > >> > I have made such a change now: >> > >> > http://cgit.freedesktop.org/systemd/systemd/commit/?id=1d3087978a8ee23107cb64aa55ca97aefe9531e2 >> >> Not everyone is using networkd or nspawn though, so loading this >> module for everyone is a bit excessive. > > Well, then blacklist the module or don't build it at all.
That's the wrong way around. >> Why non let nspawn and networkd complain loudly if iptables support is >> missing? >> This would also be better in case you have a kernel compiled withouth >> iptables support. > > For the same reason that iptables doesn't complain loudly but loads > it. To be user-friendly and just make things work? iptables loads it on-demand, If nspawn or networkd would load it on-demand, I would have no problem with it. -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth? _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel