On Sat, 2008-12-27 at 00:00 +0200, Harry Lachanas wrote:
> Nathan Angelacos wrote:
> >
> > Alpine 1.7.29 beta should hit the mirrors shortly
> >
> Any chance to re-include layer7 support in the kernel ????
Hi,
I'm back from vacation.
I'm looking into it but I have the following feeling:
* it increases maintenance work as the kernel needs to be manually
patched for every new release. The chance is fairly big that patch won't
apply to the grsecured kernel. (haven't tried though)
* it might slow us down. If we want/need upgrade to a newer kernel, we
might not be able to do so until l7-filter has a patch for the kernel
we want. (looks like latest l7-filter is for 2.6.25 and *hopefully* for
newer kernels)
* it will require that iptables is patched as well.
* there are generally good reasons patches are not included in mainline
kernel.
So to sum up, it looks to me that it gives me more work and increases risk
that things break.
How about we wait with it and re-evaluate after we got new build env
bootable?
Timo: what do you think about l7-filter?
Thanks!
-nc
---
Unsubscribe: alpine-devel+unsubscribe@lists.alpinelinux.org
Help: alpine-devel+help@lists.alpinelinux.org
---
>> Any chance to re-include layer7 support in the kernel ????
>>
>> Hi,
>> I'm back from vacation.
>
Nice to hear from U nc! :-) However vacation was rather short ( as
always ) :-(
anyway,
Wish U all the best for the holidays !!!
> I'm looking into it but I have the following feeling:
>
> * it increases maintenance work as the kernel needs to be manually
> patched for every new release. The chance is fairly big that patch won't
> apply to the grsecured kernel. (haven't tried though)
>
> * it might slow us down. If we want/need upgrade to a newer kernel, we
> might not be able to do so until l7-filter has a patch for the kernel
> we want. (looks like latest l7-filter is for 2.6.25 and *hopefully* for
> newer kernels)
>
> * it will require that iptables is patched as well.
>
> * there are generally good reasons patches are not included in mainline
> kernel.
>
> So to sum up, it looks to me that it gives me more work and increases risk
> that things break.
>
I cannot disagree with U nc!
However in my opinion l7-layer is useful for protocol centered shaping
and not for protocol blocking ( even though one can do that also ).
I am not aware of any other tool that detects protocols from packet
inspection ( don't forget the strange p2p, or ftp protocols etc ).
So if shaping ( as in my case ) through protocol detection is required,
then we need a tool that can do that.
I remind U that ipp2p code ( as I found out in my tests ) is probably
screwed up by the maintainer and not functional anymore.
> How about we wait with it and re-evaluate after we got new build env
> bootable?
>
The sooner the better ( I hope that the management tools will remain
compatible, being able to boot from the new CD and read the old config
from a writable media and be close to 100% operational would be a major
requirement and success ).
Cheers
Harry.