(forw) Re: Ack/Fin packets dropped.
Alexander Demenshin
Alexander Demenshin <aldem-nf@aldem.net>
Sun, 29 Jul 2001 11:18:53 +0200
On Sat, Jul 28, 2001 at 08:16:54AM +0200, Patrick Schaaf wrote:
> > I wonder why this is (still) not configurable via /proc/sys/net interface...
>
> The usual reason is "don't confuse the user with too many buttons", and
> "don't confuse us by making bug reports even more unreliable".
This is clear, but this discussion was over long time ago, I believe...
/proc/sys/* is _not_ like button, it is visible only to those who look.
Sure, often those who look _may_ recompile the kernel, but sometimes
this is inconvenient... Anyway, in /proc/sys/net/ipv4/* you can find
lot of options which (even) may broke the standards (well, RFCs),
but those are still there. In ideal world, it would be a good idea
"not to confuse", but we are in _real_ world :)
iptables' syntax and packet flow in kernel is also something that
can confuse even advanced users, not only casual users, so two more
"buttons"... ip_conntrack_max is included, for instance, so...
Really, I would like to know where is the problem to include this
in sysctl - is it politics or just absense of time. So far there was
no clear explanation (except for "extra button" one, which is, IMHO,
very bad analogy).
I would like to note - this is _not_ something that might be considered
"new feature", so I see no reason why it cannot be accepted in core code.
Core team: any comments?
Regards,
/Al