Eric W. Biederman wrote:
> Patrick McHardy <[email protected]> writes:
>
>>I seem to be missing something, the entire brnf_sysctl_call_tables
>>thing looks purely cosmetic to me, wouldn't it be better to simply
>>remove it?
>
>
> Well it is cosmetic in a user space visible way. Which means I don't
> have a clue which if any user space programs or scripts care if we change
> the behavior.
>
> I just looked in the git history and brnf_sysctl_call_tables has been
> that way since sysctl support was added to the bridge netfilter code.
>
> The only comment I can find about the addition is:
>
> 2003/12/24 19:32:34-08:00 bdschuym
> [BRIDGE]: Add 4 sysctl entries for bridge netfilter behavioral control:
> bridge-nf-call-arptables - pass or don't pass bridged ARP traffic to
> arptables' FORWARD chain.
> bridge-nf-call-iptables - pass or don't pass bridged IPv4 traffic to
> iptables' chains.
> bridge-nf-filter-vlan-tagged - pass or don't pass bridged vlan-tagged
> ARP/IP traffic to arptables/iptables.
>
> So since forcing the values to 0 or 1 doesn't seem hard to maintain
> I am uncomfortable with removing that check.

OK, let's keep it then. Fixing the race seems overkill to me though.