There seems to be varied needs for netfilter specific /proc entries.
The tcp-window-tracking patch seems to me to have placed a /proc entry
point for netfilter most sanely at /proc/sys/net/ipv4/netfilter/.  I
would also like to have a sysctl/proc node to diddle with tunables in
my Amanda conntracking module.

Specifically the default of 180 seconds for a UDP stream is not long
enough on the control (master in netfilter parlance) connection of an
Amanda session, so I would like to override the master's timeout value
in my conntrack helper.  I have tested my theory with a hard coded
value and it work.  Now I would like to make it tunable by the
user/administrator.

I suppose I could pass an argument while loading the module, but using
sysctl (and/or /proc) just seems so much more sane.  But I digress,
greatly.

I am wondering if Jozsef and/or Harald would like to separate out the
creation of the /proc/sys/net/ipv4/netfilter/ node into a separate
patch for the rest of us to use, rather than having to make
tcp-window-tracking a prerequisite just to get a proc entry to use.

Thots?
b.

-- 
Brian J. Murrell