On 7/18/06, Can Erkin Acar <[EMAIL PROTECTED]> wrote:
No, needless complexity is a compile time option that makes it impossible to know whether a given installation needs the block rule or not.
Good point.
packets are sent using bpf(4) so ruleset does not really matter.
Every day a school day! -- ``I am not a pessimist. To perceive evil where it exists is, in my opinion, a form of optimism.'' -- Roberto Rossellini http://www.lightconsulting.com/~travis/ -><- GPG fingerprint: 9D3F 395A DAC5 5CCC 9066 151D 0A6B 4098 0C55 1484