From: Bruce S. <bw...@ar...> - 2004-04-12 00:36:03
|
... [snip happens] ... > So, why is ip_dynaddr set to 7 in the DL firewall? Because it seemed like a good idea at the time? :-) Historically, much of the code in the firewall scripts was "borrowed" from other Linux firewall distributions, and modified to suit us. I'll bet you'll find "7" used in other distros too. I checked the kernel source code and the only values used now are: zero, one, and anything greater than one. (=0, =1, >1) "greater than one" seems to be what we want to do, and since 7 > 1, the existing code should work fine. I'll change it to "2" in the 1.1 CVS, so the same question/confusion doesn't happen again. Thanks for double checking our firewall scripts! Let us know if you find anything else you don't think is correct. - BS |