From: Scaramanga <scaramanga@barrysworld.com>
To: linux-kernel@vger.kernel.org
Subject: Re: Firewall netlink question...
Date: Mon, 22 Jan 2001 11:58:26 +0000 [thread overview]
Message-ID: <20010122115826.A11297@lemsip.lan> (raw)
In-Reply-To: <20010122073343.A3839@lemsip.lan> <Pine.LNX.4.21.0101221045380.25503-100000@titan.lahn.de> <20010122102600.A4458@lemsip.lan> <E14Kf9W-0008PJ-00@kabuki.eyep.net>
In-Reply-To: <E14Kf9W-0008PJ-00@kabuki.eyep.net>; from daniel@kabuki.eyep.net on Mon, Jan 22, 2001 at 11:28:41 +0000
Hi,
> This is true. This is called ipqmpd or something similar and written by
> Harald Welte, yes?
> Your best option is to either check out libipq (can be found in the
> directory of the same name in the iptables sources), which provides
> clean C interfaces, or the PERL interface, available from
> http://www.intercode.com.au/jamesm/
Yeah, I think that was the one.
>> What was wrong with the firewall netlink? My re-implementation works great
>> here. I can't see why anything else would be needed, QUEUE seems twice as
>> complex. Unless with QUEUE the userspce applications can make decisions on
>> what to do with the packet? In which case, it would be far too inefficient
>> for an application like mine, where all i need is to be able to read the
>> IP datagrams..
>
> It can modify and then reinject the packet if it so wishes.
Excellent, I didn't pick up on that, with the cursory glance at the code i took.
I wonder, would there be any interest/point in my NETLINK module, which
provides a backward compatible netlink interface. There are a good few
apps out there which rely on it, and its nice not to have to run a daemon
and install a new library, and re-write them just to continue using them...
--
// Gianni Tedesco <scaramanga@barrysworld.com>
Fingerprint: FECC 237F B895 0379 62C4 B5A9 D83B E2B0 02F3 7A68
Key ID: 02F37A68
egg.microsoft.com: Remote operating system guess: Solaris 2.6 - 2.7
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
Please read the FAQ at http://www.tux.org/lkml/
next prev parent reply other threads:[~2001-01-22 11:59 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2001-01-22 7:33 Firewall netlink question Scaramanga
2001-01-22 9:46 ` Philipp Matthias Hahn
2001-01-22 10:26 ` Scaramanga
2001-01-22 11:28 ` Daniel Stone
2001-01-22 11:58 ` Scaramanga [this message]
2001-01-23 7:33 ` Daniel Stone
2001-01-24 4:28 ` Scaramanga
2001-01-24 12:30 ` Harald Welte
2001-01-24 15:26 ` Scaramanga
2001-01-24 12:27 ` Harald Welte
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20010122115826.A11297@lemsip.lan \
--to=scaramanga@barrysworld.com \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.