Patrick McHardy wrote:

> Pablo Neira wrote:
>
>> I've renamed all NFC_* stuff != NFC_UNKNOWN to NFC_UNKNOWN. So people 
>> using ct_sync won't complain about this again. I see this as a first 
>> step to remove the old behaviour of nfcache. Please, see the patch 
>> attached.
>
>
> Why didn't you remove it entirely instead ?


true :), patch attached. I've gzip'ed it, it's too big for sending it in 
clear text.

Next step, what do you think about removing nfcache passed as parameter 
from the iptables API?

--
Pablo