Dave Miner wrote:
...
I'd rather put it in terms of what I'd think would be the user
requirements:
- it should be easy for the user to make this selection in the context
of other tasks they'd be doing to configure the filtering feature. It
should be part of what they'd normally do to set other aspects of
filtering policy.
- it must not require a reboot or similarly serious discontinuity of
system services to take effect.
If you could meet those requirements putting it in /etc/system, or a
driver .conf file, then I wouldn't necessarily care.
Not in /etc/system (only read at reboot), but in a driver .conf file
(read when driver is loaded), yes.
Although it does mean unloading IPFilter if it is already loaded...no
service discontinuity.
There's currently no other supported mechanism to put persistant values
somewhere that are used to "tune" IPFilter.
Thanks,
Darren
_______________________________________________
networking-discuss mailing list
[email protected]
