Kernel Changes

Kernel Changes

This is a summary of the main changes in the kernel that diverge from mainline.

• added net/netfilter/xt_qtaguid*
• imported then modified net/netfilter/xt_quota2.c from xtables-addons project
• fixes in net/netfilter/ip6_tables.c
• modified ip*t_REJECT.c
• modified net/netfilter/xt_socket.c

A few comments on the kernel configuration:

• xt_qtaguid masquerades as xt_owner and relies on xt_socket and itself relies on the connection tracker.
• The connection tracker can't handle large SIP packets, it must be disabled.
• The modified xt_quota2 uses the NFLOG support to notify userspace.