Linus, please apply v2.3.99-pre6.
This finally alters the FORWARD policy to ACCEPT (you can override it
if iptable_filter is a module with `forward=0'). People have
/proc/sys/net/ipv4/ip_forward to control forwarding, and this extra
trickiness just frustrated and confused people.
Rusty.
diff -urN --minimal --exclude *.lds --exclude *.ps --exclude *.pdf --exclude
*.sgml --exclude *.tex --exclude *.aux --exclude *.log --exclude classlist.h
--exclude devlist.h --exclude autoconf.h --exclude compile.h --exclude
version.h --exclude .* --exclude *.[oa] --exclude *.orig --exclude config
--exclude asm --exclude modules --exclude *.[Ss] --exclude System.map --exclude
consolemap_deftbl.c --exclude *~ --exclude TAGS --exclude tags --exclude
modversions.h --exclude install-kernel
linux-2.3.99-pre-6-2-rusty/net/ipv4/netfilter/iptable_filter.c
working/net/ipv4/netfilter/iptable_filter.c
--- linux-2.3.99-pre-6-2-rusty/net/ipv4/netfilter/iptable_filter.c Wed Apr
5 18:44:00 2000
+++ working/net/ipv4/netfilter/iptable_filter.c Thu Apr 27 11:48:47 2000
@@ -121,8 +122,8 @@
NF_IP_PRI_FILTER }
};
-/* Default to no forward for security reasons. */
-static int forward = NF_DROP;
+/* Default to forward because I got too much mail already. */
+static int forward = NF_ACCEPT;
MODULE_PARM(forward, "i");
static int __init init(void)
--
Hacking time.
|