Quote:
|
Originally Posted by memed
Hmm, but your kernel was around 15% bigger on disk and you included everything static, allthough this may be more "secure" it prevents all kinds of nice features (ppp_mppe for el cheapo vpn, modules for loopback, network modules in general, e.g. ip_tables relies on modules [no firewall!])
|
Netfilter (iptables) doesn't rely on modules, you can build all neccessary functions statically into the kernel. Same goes for most other "modules" only a small handful of them is designed as "module-only", e.g. the new cryptographic modules of the 2.6.x kernels.