Paul Gear wrote:
Tom Eastep wrote:... Unfortunately, ipsets still require kernel patching but they are by far the best mechanism available for maintaining large and/or dynamic sets of IP addresses and/or IP-Address/port pairs.Why are ipsets taking so long to become an accepted part of netfilter?
Because the implementor (Jozsef Kadiecsik) wants to make changes before final release but has no time to work on Open Source.
-Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
