From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-user+bounces-180537-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by finch.gentoo.org (Postfix) with ESMTPS id E4C1E1396D9
	for <garchives@archives.gentoo.org>; Sat, 28 Oct 2017 19:06:18 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 0DC1B2BC12B;
	Sat, 28 Oct 2017 19:06:14 +0000 (UTC)
Received: from w1.tutanota.de (w1.tutanota.de [81.3.6.162])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id 8F6022BC123
	for <gentoo-user@lists.gentoo.org>; Sat, 28 Oct 2017 19:06:13 +0000 (UTC)
Received: from localhost (unknown [127.0.0.1])
	by w1.tutanota.de (Postfix) with ESMTP id 75CB1FB1AE6
	for <gentoo-user@lists.gentoo.org>; Sat, 28 Oct 2017 19:06:12 +0000 (UTC)
Received: from w1.tutanota.de ([127.0.0.1])
	by localhost (w1.tutanota.de [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id 2yTgqUWEyRrH for <gentoo-user@lists.gentoo.org>;
	Sat, 28 Oct 2017 21:06:10 +0200 (CEST)
Received: from w1.tutanota.de (unknown [192.168.1.162])
	by w1.tutanota.de (Postfix) with ESMTP id BAAD1FB1BA1
	for <gentoo-user@lists.gentoo.org>; Sat, 28 Oct 2017 19:06:08 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=tutanota.com;
	s=20161216; t=1509217568;
	bh=GQwNEXnZSmS0nnK43BGIgiWeg+CzmmfKV0gGQM0kF6I=;
	h=Date:From:To:In-Reply-To:References:Subject:From;
	b=zcx2FUg6xlRRlE1SHMJz213/5s5ZpgYHu8KCG7YThJya4cHGH1Va+n68xIvz5bQFe
	 CvTmvTREXROCnYwha13LNLRqQeJAR0eCKAvdRUwX4cF6xUNss0+TTo9RNTwioj2iAG
	 3++z+UEWqZK7HskZ17Uteo4cH8WMmvToYDeiJyRwTttEmsa0/3EIPlSVWIE5L132r6
	 TgNOX9GAHAnm8FgWIyKSzTpjHwYbNxwBfB0GDlGgLFsuK4o36HLd7P/F2qoqAAPJzD
	 1MbjZEOEqErHnPoWJMryHufi67a/BTtu9RSpSq3y7jYmJXnyCil+WsHkF5zplUThM1
	 4VHLnnjZvnRdA==
Date: Sat, 28 Oct 2017 21:06:08 +0200 (CEST)
From:  <mad.scientist.at.large@tutanota.com>
To:  <gentoo-user@lists.gentoo.org>
Message-ID: <KxZN7Ov--3-0@tutanota.com>
In-Reply-To: <CADPrc81+qub=fdU7gJDB+KLWv5wA+SL3wOR-s2N2EO=wYHXJ3w@mail.gmail.com>
References: <ot2gog$nh9$1@blaine.gmane.org> <<ot2gog$nh9$1@blaine.gmane.org>> <CADPrc802w2xLW5wWrb-+curZacEXb4ei9k9R+wuqpiFeiCN2Yg@mail.gmail.com> <<CADPrc802w2xLW5wWrb-+curZacEXb4ei9k9R+wuqpiFeiCN2Yg@mail.gmail.com>> <ot2j6m$64g$1@blaine.gmane.org> <<ot2j6m$64g$1@blaine.gmane.org>> <CADPrc81+qub=fdU7gJDB+KLWv5wA+SL3wOR-s2N2EO=wYHXJ3w@mail.gmail.com>
Subject: Re: [gentoo-user] Re: systemd: "local system does not support
 BPF/cgroup based firewalling"
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@lists.gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
MIME-Version: 1.0
Content-Type: multipart/alternative; 
	boundary="----=_Part_168422_67914811.1509217568747"
X-Archives-Salt: dfa54e4c-4065-440a-8c6a-3b561f57cc85
X-Archives-Hash: 2fd9bc40d8213826909b35c5fac6a993

------=_Part_168422_67914811.1509217568747
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

you should update the kernel anyway.=C2=A0 some serious security holes have=
 recently been found and corrected in the newest kernel.

mad.scientist.at.large (a good madscientist)
--
"The U.S. intelligence community concluded in a report made public in Janua=
ry that the Kremlin sought to disrupt the 2016 election and sway the race i=
n Trump's favor."=C2=A0 From "thehill.com".=C2=A0 Only Trump and his duplic=
itous supports try to say it was Clinton who conspired.=C2=A0 Frankly Trump=
 is likely guilty of treason, the sooner he's impeached and indited the bet=
ter, along with ALL of his supporters in goverment.


28. Oct 2017 12:58 by caneko@gmail.com:


> On Sat, Oct 28, 2017 at 1:44 PM, Nikos Chantziaras <> realnc@gmail.com> >=
 wrote:
> >
> > There is no such kernel option.
>
> Yes, there is[1]. However, there is no such option for kernel version 4.9=
[2], although there is for 4.10[3]. I think that's the problem, for using t=
he firewall BPF options of systemd, you'll need to use kernel version >=3D =
4.10.
> Regards.
> [1] > https://github.com/torvalds/linux/blob/master/init/Kconfig#L848> [2=
]=C2=A0> https://github.com/torvalds/linux/blob/v4.9/init/Kconfig> [3] > ht=
tps://github.com/torvalds/linux/blob/v4.10/init/Kconfig#L1157
> --
> Dr. Canek Pel=C3=A1ez Vald=C3=A9s
> Profesor de Carrera Asociado C
> Departamento de Matem=C3=A1ticas
> Facultad de Ciencias
> Universidad Nacional Aut=C3=B3noma de M=C3=A9xico
------=_Part_168422_67914811.1509217568747
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

<html>
  <head>
    <meta http-equiv=3D"content-type" content=3D"text/html; charset=3DUTF-8=
">
  </head>
  <body>
you should update the kernel anyway.&nbsp; some serious security holes have=
 recently been found and corrected in the newest kernel.<br /><br />mad.sci=
entist.at.large (a good madscientist)<br />
--
<br />&quot;The U.S. intelligence community concluded in a report made publ=
ic in=20
January that the Kremlin sought to disrupt the 2016 election and sway=20
the race in Trump's favor.&quot;&nbsp; From &quot;thehill.com&quot;.&nbsp; =
Only Trump and his duplicitous supports try to say it was Clinton who consp=
ired.&nbsp; Frankly Trump is likely guilty of treason, the sooner he's impe=
ached and indited the better, along with ALL of his supporters in goverment=
.<br /><br /><br />28. Oct 2017 12:58 by <a href=3D"mailto:caneko@gmail.com=
" target=3D"_blank" rel=3D"noopener noreferrer">caneko@gmail.com</a>:<br />=
<br /><blockquote class=3D"tutanota_quote" style=3D"border-left: 1px solid =
#93A3B8; padding-left: 10px; margin-left: 5px;"><div>On Sat, Oct 28, 2017 a=
t 1:44 PM, Nikos Chantziaras &lt;<a href=3D"mailto:realnc@gmail.com" target=
=3D"_blank" rel=3D"noopener noreferrer">realnc@gmail.com</a>&gt; wrote:<br =
/>&gt;<br />&gt; There is no such kernel option.<br /><br />Yes, there is[1=
]. However, there is no such option for kernel version 4.9[2], although the=
re is for 4.10[3]. I think that's the problem, for using the firewall BPF o=
ptions of systemd, you'll need to use kernel version &gt;=3D 4.10.<div><div=
><br /></div><div>Regards.</div><div><br /></div><div>[1] <a href=3D"https:=
//github.com/torvalds/linux/blob/master/init/Kconfig#L848" target=3D"_blank=
" rel=3D"noopener noreferrer">https://github.com/torvalds/linux/blob/master=
/init/Kconfig#L848</a></div><div>[2]&nbsp;<a href=3D"https://github.com/tor=
valds/linux/blob/v4.9/init/Kconfig" target=3D"_blank" rel=3D"noopener noref=
errer">https://github.com/torvalds/linux/blob/v4.9/init/Kconfig</a></div><d=
iv>[3] <a href=3D"https://github.com/torvalds/linux/blob/v4.10/init/Kconfig=
#L1157" target=3D"_blank" rel=3D"noopener noreferrer">https://github.com/to=
rvalds/linux/blob/v4.10/init/Kconfig#L1157</a><br />--<br />Dr. Canek Pel&a=
acute;ez Vald&eacute;s<br />Profesor de Carrera Asociado C<br />Departament=
o de Matem&aacute;ticas<br />Facultad de Ciencias<br />Universidad Nacional=
 Aut&oacute;noma de M&eacute;xico</div></div></div></blockquote>  </body>
</html>

------=_Part_168422_67914811.1509217568747--