Herbert, I should have said this earlier This patch is seen as critically necessary by our security auditor for the VPN network we run on Debian if we are to use the new IPSEC. We are talking about 60 boxes... He does not want to rely on the SPD to keep packets injected off the external ethernet out. You can understand why I am recommending it for inclusion. Thanks, Matthew Grant On Thu, 2004-04-01 at 22:13, Herbert Xu wrote: > On Thu, Apr 01, 2004 at 04:47:17PM +1200, Matthew Grant wrote: > > > > I have also posted these patches to the netfilter-devel list up at > > lists.netfilter.org. > > I'd like to see some comments from the netfilter team first. > > Cheers, -- =============================================================================== Matthew Grant /\ ^/\^ grantma@anathoth.gen.nz /~~~~\ A Linux Network Guy /~~\^/~~\_/~~~~~\_______/~~~~~~~~~~\____/******\ ===GPG KeyID: 2EE20270 FingerPrint: 8C2535E1A11DF3EA5EA19125BA4E790E2EE20270==
Attachment:
signature.asc
Description: This is a digitally signed message part