|
|
|
|
|
|
by mathieuruellan
1422 days ago
|
|
|
I prefer flagging packets from cgroup. But since cgroupv2 it can only be done with systemd/slices, it's not easy and stable. (The slice must exist before iptables rule, and if it stops, i experiment kernel crashes etc.) |
|
|