Hi,
> Agree, I don't think it makes much sense to split things
into many small
> pieces.
>
>> - Do you need/want a firewall (requires iptables, etc)?
>
> I'd say yes by default, but being able to remove it might be useful
> (kernel-netfilter subpackage)?
So you agree multi-tiered subpackages is a bad idea,
On the hardware support side it is a bad idea I think. Too many
different use cases and lines between them are blurry, so I suspect it
becomes messy quickly if you try to split it fine-grained.
but then you
propose a netfilter specific subpackage? ... Probably not. They'll
likely just be in kernel-core.
"all netfilter modules" is pretty clear and so is the use case (=want
firewall). But maybe not worth the trouble, didn't check what size they
sum up to.
cheers,
Gerd