On Sun, Mar 03, 2002 at 03:00:03AM +0100, Andras Kis-Szabo wrote: > Hi, > > There are some strange header files under the > userspace/include/linux/netfilter_ipv6 directory! > > ip6t_REJECT.h
what's strange about it? It is there to make sure we can compile the libip6t_REJECT module even if there is no REJECTv6 patch applied. > ip6t_owner.h > - these two headers are already submited into the kernel tree. They can be > found in the 2.4.14 patch and belongs to their main extensions. yes. but we even want to compile libip6t_owner.so in case somebody is running a pre-2.4.14 kernel, don't we. > ip6t_length.h > - it can be found here and the patch of this extension contains this file, > too. > These files are duplicated (in the userspace/include and in the > linux-kernel/include directoryes) > The limit and the owner are identical(?). Yes. The idea is to make all the libip(6)t_XXX.so compile on systems even where the respective kernel counterpart is not installed yet. This is mostly because people are using binary RPMS / dpkg's which are precompiled. Then, later, we introduce a new feature to the kernel and they would be unable to use their pre-built iptables package with those new extensions. > The REJECT header files are differs: > IP6T_ICMP6_NOT_NEIGHBOUR and IP6T_ICMP6_ECHOREPLY rejection options! > (The library code remained consistat, it does not support this 2 types, yet) REJECTv6 is broken anyway, I need to fix this. > regards, > kisza -- Live long and prosper - Harald Welte / [EMAIL PROTECTED] http://www.gnumonks.org/ ============================================================================ GCS/E/IT d- s-: a-- C+++ UL++++$ P+++ L++++$ E--- W- N++ o? K- w--- O- M+ V-- PS++ PE-- Y++ PGP++ t+ 5-- !X !R tv-- b+++ !DI !D G+ e* h--- r++ y+(*)
