[lug] iptables redirection
Sean Reifschneider
jafo at tummy.com
Tue Jan 9 00:22:44 MST 2007
On Sun, Jan 07, 2007 at 11:05:37AM -0700, George Sexton wrote:
>just be pure overhead. It would be simpler and more efficient to just
>remove the requirement from the kernel, and run a custom kernel.
More efficient, probably, but simpler? As someone who has tracked custom
kernels with my patches in them, I'm a skeptic. This always seems to be a
big can of worms, particularly when the code you are patching changes.
You can probably do it with SELinux. However, on one box I have running
it, I'm not getting SELinux alerts about it if I try to bind to <1024 as a
user.
Sean
--
Fire at the celuloud factory. No film at eleven.
-- _Kentucky_Fried_Movie_
Sean Reifschneider, Member of Technical Staff <jafo at tummy.com>
tummy.com, ltd. - Linux Consulting since 1995: Ask me about High Availability
More information about the LUG
mailing list