Hello Herbert,
> This patch might help:
>
> ---8<---
> Subject: route: Use ipv4_mtu instead of raw rt_pmtu
thank you very much for looking into this. With your patch applied I was not
able to reproduce the problem anymore.
Could you take care of getting this into mainline and stable?
Thanks.
Hi,
my colleagues recently reported that they had spurious problems connecting
to a specific server via ssh. Investigation showed that the kernel completely
ignored the ICMP dest. unreachable / fragmentation needed packets in this case:
client.45662 > server.22: Flags [S], seq 3738194662, win 29
Hi,
> > Linux router:
> > - does NAT for the LANs
> > - runs local processes communicating with the WAN/Internet
>
> I understand this requirement; unfortunately when i polled for features
> majority of people who emailed back were asking for the other things.
> I have changed my opinion a little
> > > IMHO, it is bad security policy to allow wake on lan to enabled by
> > > default. The sky2 driver doesn't do WOL until enabled with ethtool.
> >
> > While in general I agree with you on the security principle, this seems
> > like it might break working setups.
> >
> > WOL is a partnership bet
Hi,
> > > Since in this scenario userspace is able to determine ppp vs pptp,
> > > could you not also do something like have an inbound_ppp and
> > > inbound_pptp chain, then jump to the appropriate chain depending on
> > > type? If you need per-interface rules, then create an inbound_pppX
> > >
Hi,
> This is the latest set patches for netfilter IPsec support.
> The use of netif_rx for the innermost SA if it used transport
> mode has been replaced by explicit NF_HOOK calls in
> xfrm{4,6}_input.c.
Could you please describe the solution you implemented a bit more? There was
just so many b
