On Fri, Jan 14, 2011 at 2:18 PM, Jan Engelhardt <jengelh(a)medozas.de&gt; wrote: (The reason for audit's existence still eludes me..) audit exists because a very large number of gov't customers (Not just USA) have special requirements about how 'relevant' information is gathered and stored. They require centralization and standardization and require pretty formal documentation describing it's operation. The gov't certification authority has recently added a requirement that they be able to log 'illegal attempted network connections' via the approved audit facility. Thus, this patch. -Eric