On Mon, 2008-03-24 at 09:36 -0700, Tom Eastep wrote: > > Shorewall also needs it for traffic shaping. There are some things that > you can do with iptables that you cannot do with u32 filters.
Right. But you were to draw a line between Shorewall and "Routing and Shaping", does Shorewall need the mangle table? > So long as packet/connection marks are the "Linux Networking Kludge of > Last Resort", it is impossible to separate functions that use marks from > Netfilter/iptables (which means Shorewall for those of us who use it). Indeed. But if you can separate the tables needed for Shorewall and a "Shaping and Routing" package, that helps a routing/shaping package stand on it's own independent from Shorewall and gain some critical mass. Cooperation between the two packages would not be bad, to be sure, but shouldn't be necessary. Requiring Shorewall would be a barrier to acceptance of a Routing and Shaping management interface. If a Routing and Shaping package were to be created to release Shorewall of it's responsibilities there, I'd like to see it usable by those not wanting Shorewall. Just my $0.02. b.
signature.asc
Description: This is a digitally signed message part
------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
