[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

iptables extensions removed from package


In the most recent version of iptables, IPMARK and several other extensions 
were removed [1].

I disagree with this change, and contacted the maintainer about it by filing a 
bug report [2].  The maintainer declined to put the extensions back into the 
package, but provided no reason why, other than "I do not have to include any 
patch-o-matic extensions".

A historical version of the README.Debian file included with iptables [3] 
(it's no longer included in current versions) states that as many extensions 
as possible will be included in the package.  I think this is a great idea.

A recent dicussion on the netfilter-devel mailing list [4] discussed the fact 
that the patch-o-matic system is undergoing/has undergone a change in 
structure, whereas the actual patches are hosted on third-party sites rather 
than on netfilter.org.  I don't see why this would cause the extensions to be 
removed from the Debian package.

Am I missing something here?  Extensions such as IPMARK are stable and used by 
many in the community.  I don't understand why they have been removed from 
Debian.  I would like to see them put back into the mainstream so I don't 
have to maintain my own separate package.

What do you think?


2.  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=392998
3.  http://www.fifi.org/doc/iptables/README.Debian
4.  http://patchwork.netfilter.org/netfilter-devel/patch.pl?id=3456

Aaron Dummer

Reply to: