From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 8B3D81396D9 for ; Sat, 28 Oct 2017 19:01:54 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id EDCADE0E62; Sat, 28 Oct 2017 19:01:48 +0000 (UTC) Received: from w1.tutanota.de (w1.tutanota.de [81.3.6.162]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 7EB4BE0DFF for ; Sat, 28 Oct 2017 19:01:48 +0000 (UTC) Received: from localhost (unknown [127.0.0.1]) by w1.tutanota.de (Postfix) with ESMTP id DF0FDFB1B07 for ; Sat, 28 Oct 2017 19:01:46 +0000 (UTC) Received: from w1.tutanota.de ([127.0.0.1]) by localhost (w1.tutanota.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yrzXdKsBfNmm for ; Sat, 28 Oct 2017 21:01:46 +0200 (CEST) Received: from w1.tutanota.de (unknown [192.168.1.162]) by w1.tutanota.de (Postfix) with ESMTP id 68BF1FB1BF8 for ; Sat, 28 Oct 2017 19:01:46 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=tutanota.com; s=20161216; t=1509217306; bh=ah/NScWaekznXV0M0mzxYENFfKMJQ2Ui5WPL/IN+ufM=; h=Date:From:To:In-Reply-To:References:Subject:From; b=1qbBRKMQrilYcvxcKA/McEsd3dCLjAdXGdbQgvMhVNlhk4CEl8gFbN+kygFn3NJ1z sert1+7cSWsYKiVJVk3yqjpw4fwMb73gqhfMKbQyj9UGtUl1WfkMYp1RTF4kQ8bqON 9QVyA84mVIqJGfjZZFDsOR7at6EjjPGEqBbWm5VHVrC+kyyGbdpHrFKgjGCnRBZtmN YwWzbrXfWGWeQOAwCQv/0Off5dYuFHyVH9343JNmkZ55FDN4V1yju6gripWUaHzBjA /f4BNb6qbASz4tugvusWMSAlkeRlWSbHaGZdkex+NHs7K82KNY2lrWV6nCCENszsrQ FzjZBlRYxGPMQ== Date: Sat, 28 Oct 2017 21:01:46 +0200 (CEST) From: To: Message-ID: In-Reply-To: References: <> <> <> Subject: Re: [gentoo-user] Re: systemd: "local system does not support BPF/cgroup based firewalling" Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_168361_1845329134.1509217306399" X-Archives-Salt: a733f9fe-66f3-4f5d-81bc-fcfc7c1b9f65 X-Archives-Hash: d6883db56d695d3140919815a32f843b ------=_Part_168361_1845329134.1509217306399 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable updating the kernel is a really good idea, recent kernels have corrected a = number of serious security issues that are definitely=C2=A0 real and exploi= table. mad.scientist.at.large (a good madscientist) -- "The U.S. intelligence community concluded in a report made public in Janua= ry that the Kremlin sought to disrupt the 2016 election and sway the race i= n Trump's favor."=C2=A0 From "thehill.com".=C2=A0 Only Trump and his duplic= itous supports try to say it was Clinton who conspired.=C2=A0 Frankly Trump= is likely guilty of treason, the sooner he's impeached and indited the bet= ter, along with ALL of his supporters in goverment. 28. Oct 2017 12:58 by caneko@gmail.com: > On Sat, Oct 28, 2017 at 1:44 PM, Nikos Chantziaras <> realnc@gmail.com> >= wrote: > > > > There is no such kernel option. > > Yes, there is[1]. However, there is no such option for kernel version 4.9= [2], although there is for 4.10[3]. I think that's the problem, for using t= he firewall BPF options of systemd, you'll need to use kernel version >=3D = 4.10.> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> > -- > Dr. Canek Pel=C3=A1ez Vald=C3=A9s > Profesor de Carrera Asociado C > Departamento de Matem=C3=A1ticas > Facultad de Ciencias > Universidad Nacional Aut=C3=B3noma de M=C3=A9xico ------=_Part_168361_1845329134.1509217306399 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable updating the kernel is a really good idea, recent kernels have corrected a = number of serious security issues that are definitely  real and exploi= table.

mad.scientist.at.large (a good madscientist)
--
"The U.S. intelligence community concluded in a report made publ= ic in=20 January that the Kremlin sought to disrupt the 2016 election and sway=20 the race in Trump's favor."  From "thehill.com".  = Only Trump and his duplicitous supports try to say it was Clinton who consp= ired.  Frankly Trump is likely guilty of treason, the sooner he's impe= ached and indited the better, along with ALL of his supporters in goverment= .


28. Oct 2017 12:58 by caneko@gmail.com:
=
On Sat, Oct 28, 2017 a= t 1:44 PM, Nikos Chantziaras <realnc@gmail.com> wrote:
>
> There is no such kernel option.

Yes, there is[1= ]. However, there is no such option for kernel version 4.9[2], although the= re is for 4.10[3]. I think that's the problem, for using the firewall BPF o= ptions of systemd, you'll need to use kernel version >=3D 4.10.
>= >>>>>>>>>>>>>>>>>>>= ;>>>>>>>>>>>>>>>>>>&g= t;>
--
Dr. Canek Peláez Valdés
Profeso= r de Carrera Asociado C
Departamento de Matemáticas
Facult= ad de Ciencias
Universidad Nacional Autónoma de México
------=_Part_168361_1845329134.1509217306399--