Thomas Jarosch wrote:
> Philip,
>
> On Wednesday, 13. February 2008 06:01:45 you wrote:
>   
>> I was using this module recently (added support to
>> arno-iptables-firewall and bundled it into AstLinux).  Works great.  A
>> real lifesaver.
>>
>> But I did have a couple of minor suggestions to make it more usable.
>>
>> Can the person who maintains it please contact me?
>>     
>
> Just post to this list, they will hear you.
>
> Though general discussions are better suited for
> the "netfilter" list if it's not development related.
>
> Thomas
>   

Ok.  I had a simple patch I'd like to see included that makes debugging 
output dependent on a load-time module parameter, i.e. "debug=1".

It's trivial.

I was also thinking that SIP typically either used as a single port 
(5060), or as a block of ports (5060:5080).

Allowing specifying eight individual sparse ports isn't really useful.

Specifying 4 ranges of ports would be a lot more handy.

How easily could this be done?

I'm working on the AstLinux project (http://www.astlinux.org) and we are 
releasing 0.60 to come with a couple of different firewall options that 
will both leverage this module.  In most of the deployments of AstLinux, 
our operational experience shows that one or two blocks of 5-40 ports is 
typical (i.e. 95% of all cases).

Thanks,

-Philip