On Fri, 2022-02-18 at 23:23 +0100, Axel Beckert wrote: > Control: tag -1 - moreinfo > > Hi Ben, > > Ben Hutchings wrote: > > > What would be the impact if I don't disable this feature? Can you > > > please elaborate? > > > > Then the module will not report all the events that might be expected. > > I see. That's indeed not what I'd expected so far. [...]
Sorry, I read your question wrongly before. The impact if you *don't* disable the feature includes: - If nf_conntrack_netlink is loaded after iptables-netflow, the kernel will log a WARNING and disable NAT event reporting through iptables-netflow - If nf_conntrack_netlink is loaded before iptables-netflow and then removed, the kernel will disable NAT event reporting through iptables-netflow Ben. -- Ben Hutchings You can't have everything. Where would you put it?
signature.asc
Description: This is a digitally signed message part
