24 Sep
2010
24 Sep
'10
6:10 p.m.
On 09/24/2010 12:01 PM, Eric Blake wrote:
On 09/23/2010 09:53 AM, Stefan Berger wrote:
The patch below reports a warning in the log if the generated ip(6)tables rules would not be effective due to the proc filesystem entries
/proc/sys/net/bridge/bridge-nf-call-iptables /proc/sys/net/bridge/bridge-nf-call-ip6tables
containing a '0'. The warning tells the user what to do. I am rate-limiting the warning message to appear only every 10 seconds.
ACK; looks like a reasonable way to warn about the issue, leaving the resolution in the user's hands to either update the kernel state or rewrite their nwfilter rules to not rely on iptables.
Pushed. Stefan