[lug] iptables redirection

Sean Reifschneider jafo at tummy.com
Tue Jan 9 00:22:44 MST 2007

On Sun, Jan 07, 2007 at 11:05:37AM -0700, George Sexton wrote:
>just be pure overhead. It would be simpler and more efficient to just 
>remove the requirement from the kernel, and run a custom kernel.

More efficient, probably, but simpler?  As someone who has tracked custom
kernels with my patches in them, I'm a skeptic.  This always seems to be a
big can of worms, particularly when the code you are patching changes.

You can probably do it with SELinux.  However, on one box I have running
it, I'm not getting SELinux alerts about it if I try to bind to <1024 as a

 Fire at the celuloud factory.  No film at eleven.
                 -- _Kentucky_Fried_Movie_
Sean Reifschneider, Member of Technical Staff <jafo at tummy.com>
tummy.com, ltd. - Linux Consulting since 1995: Ask me about High Availability

More information about the LUG mailing list