is ip6t_REJECT dead? stable?

David Madore david.madore at ens.fr
Thu Aug 25 02:53:42 CEST 2005


Hi,

I'd like to know about the status of the ip6t_REJECT patch which is
found in patch-o-matic-ng.  I'm not sure I know how to read subversion
logs, but it appears not to have changed in nearly a year, which, when
it comes to software, generally means "dead and possibly bitrotten".

So: is it dead?  Or has it simply reached a point of stability and
maturity such that it no longer needs to be updated?  If so, is it
stable enough to be in production use?  When is there a hope of seeing
it in mainline kernels?  (I'm currently doing my IPv6 firewall with
the DROP target, which is in all respects very unsatisfactory.)

PS: It would be highly useful if the iptables/ip6tables man pages
tried to indicate which targets, matches and whatnots are available in
mainline kernels and which need a special patch.  Especially as the
error messages are - uh - unhelpful.

Happy hacking,

-- 
     David A. Madore
    (david.madore at ens.fr,
     http://www.madore.org/~david/ )



More information about the netfilter mailing list