ECN: Why just on/off? Can one mangle that per iptables?
I have some thoughts about the ECN bit:
Why is it on by default when compiled in?
Normally I would expect it to be off unless activated in proc, like
ip_forward or syn-cookie or lots of other stuff.
Why can one only turn it on/off?
I want it on normally, but not for a few hosts or routes. Why can't I
enable it for eth0 but not for eth1?
Is there a way to mangle that bit (on or off) with iptables?
I would really love that feature. I have one site which doesn't work
with ECN so I have to disable it. Why not catch all connects to that
site and disable the ECN bit upon connect per ipchains?
I would like a package that comes with a blacklist of NON-ECN hosts
and disables those per ipchain with regular updates.
May the Source be with you.