James Morris wrote:
quoted text
> On Mon, 21 Jul 2008, Patrick McHardy wrote:
>
>   
>> This is only the NETFILTER_ADVANCED=n default (for SECURITY=y).
>> The netfilter defaults for NETFILTER_ADVANCED=n should be m/y for
>> things that are needed by mainstream distributions for normal
>> usage.
>>
>> I'm not sure how this is going to be used, James?
>>     
>
> I think the idea now is that everything new is N by default, but the 
> intention is to have this enabled in Fedora/RHEL.

Well, this option (NETFILTER_ADVANCED) was introduced specifically
so Linus doesn't have to go through and enable all the netfilter
options manually :)

The idea was that NETFILTER_ADVANCED=n enables everything needed
by mainstream distributions and hides the rest. We can certainly
change the default for this option, but that makes NETFILTER_ADVANCED
pretty much useless.

quoted text
> Patrick, would you please fix this up?  The only dev box I have access to 
> at the moment doesn't boot with recent git (I think it's the macbook2 
> issue).

Sure. I'd like to hear whether Linus still wants this changed though.


--
unsubscribe notice
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/