FYI, I upgraded to iptables-1.2.6a (user & kernel-2.4.18 patches) and got the following (maybe known) problems:
- QUEUE target is NOK with kernel compiled with CONFIG_IP_NF_QUEUE=m
  => the packets are queued, but ipq_create_handle() returns "can't create netlink socket"
     "ERROR: Unable to create netlink socket: Connection refused" (problem with exported symbols?)
  => quick fix: compile kernel with CONFIG_IP_NF_QUEUE=y
- ipqmpd-0.3: default verdict NF_ACCEPT is not applied when no process has attached to it.
  In fact ipqmpd starts, but it seems that it never receives any packet (in ipq_inp).
  When one process attaches to it, with a mark different from the queued packet, then the default NF_ACCEPT is applied correctly.
  When all processes have detached from ipqmpd, the default NF_ACCEPT continues to be applied correctly.

kr,
_______________________________________________________________________
-jmhe-
He who expects nothing shall never be disappointed