From mboxrd@z Thu Jan 1 00:00:00 1970 From: Mark McLoughlin Subject: Re: [PATCH] bridge: make bridge-nf-call-*tables default configurable Date: Wed, 01 Jul 2009 11:45:58 +0100 Message-ID: <1246445158.598.30.camel@blaa> References: <1246379267.3749.42.camel@blaa> <20090630.201630.134200035.davem@davemloft.net> Reply-To: Mark McLoughlin Mime-Version: 1.0 Content-Type: text/plain Content-Transfer-Encoding: 7bit Cc: netdev@vger.kernel.org, herbert@gondor.apana.org.au To: David Miller Return-path: Received: from mx2.redhat.com ([66.187.237.31]:52628 "EHLO mx2.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752095AbZGAKqN (ORCPT ); Wed, 1 Jul 2009 06:46:13 -0400 In-Reply-To: <20090630.201630.134200035.davem@davemloft.net> Sender: netdev-owner@vger.kernel.org List-ID: On Tue, 2009-06-30 at 20:16 -0700, David Miller wrote: > From: Mark McLoughlin > Date: Tue, 30 Jun 2009 17:27:47 +0100 > > > For these reasons, it makes sense to allow distributions to disable > > netfilter on the bridge by default and require those specialized users > > to enable it explicitly via sysctl. > > I heard that distributions ship some file, what's it called... > something like /etc/sysctl.conf :-) > > Really, if someone thinkgs the default stinks and dists don't like it > for their users, they can use sysctl.conf to set it how they please. If upstream agrees the default stinks, then upstream could start making moves towards rectifying it :-) I like Patrick's idea of adding it to feature-removal-schedule > Notwithstanding that changing this default can break working > setups and scripts. Yes they can "change", but they were just > (rightly) using the kernel as it came to them. Yep, that's a valid concern. Weighing up the impact on the small number of people who use it versus the ongoing impact on everyone else, I think it's best to make the change. Cheers, Mark.