On Sep 14, jidanni@jida... wrote:

> LB> You could file this a a wishlist bug report against the iptables
> LB> package, and see if the  maintainer wish to add this file (or a larger
> LB> /etc/sysctl.d/iptables.conf with some sane defaults).
What makes you believe that the kernel defaults are not sane?
This is an extra feature which is not required by most people, has a
computational and memory cost and should not be enabled unless needed.
This bug should just be closed, or at least only commented by people who
actually know what they are talking about.

--
ciao,
Marco