On Fri, 5 Aug 2005 12:32:44 -0500 (CDT) "Khan St. Preest" <[EMAIL PROTECTED]> wrote:
> I was really hoping > they would finally be included in TSL 3.0 but alas they are not > -- unless I missed something. I'm not complaining, just asking > this community that I've come to trust about my preferred > distribution -- is it really that hard to include these modules > in Trustix? Are these modules experimental or otherwise > untrustworthy in some way that I should know about before > placing my trust in ip6tables to protect my IPv6 networks? ipv6 REJECT is marked experimental. (see http://www.netfilter.org/patch-o-matic/pom-base.html#pom-base-REJECT) I don't remember the actual reason, but you could search for it in the netfilter ml-archives. There will be a new v4/v6/x conntrack system (see http://www.netfilter.org/patch-o-matic/pom-extra.html#pom-extra-nf_conntrack), this seems to be the thing, suse has "tested" in their kernels. So no, I don't think we'll see both in TSL in near future. Patching your own kernel is another thing.. Olaf _______________________________________________ tsl-discuss mailing list [email protected] http://lists.trustix.org/mailman/listinfo/tsl-discuss
