* nf/ctnetlink and notify
@ 2003-01-20 17:11 Kovacs Krisztian
2003-01-21 10:01 ` Harald Welte
0 siblings, 1 reply; 2+ messages in thread
From: Kovacs Krisztian @ 2003-01-20 17:11 UTC (permalink / raw)
To: netfilter-devel
Hi,
I'd have a question regarding the nfnetlink/ctnetlink patch in the
'extra' suite of POM. In this version of nfnetlink, the notify callback
API is missing (ip_conntrack_notify_register() and friends), while in the
old version in the oldnat directory it is part of the ctnetlink patch. Why
was this left out of the patch? What are the main concerns with the
_notify() code in the old patch?
As I can see some kind of such notification service will be required to
complete the nfnetlink patch, because in its current state it's totally
uncapable of sending messages on conntrack state changes. (And one
possible typo in the patch: in nfnetlink_conntrack.c ctnetlink_create is
not commented out, but there is no use of this function.)
--
Kovács Krisztián
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: nf/ctnetlink and notify
2003-01-20 17:11 nf/ctnetlink and notify Kovacs Krisztian
@ 2003-01-21 10:01 ` Harald Welte
0 siblings, 0 replies; 2+ messages in thread
From: Harald Welte @ 2003-01-21 10:01 UTC (permalink / raw)
To: netfilter-devel
[-- Attachment #1: Type: text/plain, Size: 1693 bytes --]
On Mon, Jan 20, 2003 at 06:11:29PM +0100, Kovacs Krisztian wrote:
>
> Hi,
>
> I'd have a question regarding the nfnetlink/ctnetlink patch in the
> 'extra' suite of POM. In this version of nfnetlink, the notify callback
> API is missing (ip_conntrack_notify_register() and friends), while in the
> old version in the oldnat directory it is part of the ctnetlink patch. Why
> was this left out of the patch?
because I wanted to have a minimum subset of the functionality first. A
subset that doesn't require adding any API to the conntrack core. As
you may have noticed, with recent newnat-enabled kernels, nfnetlink is
totally self-contained.
> What are the main concerns with the _notify() code in the old patch?
It's quite some time ago. I don't even remember what the case was.
But there was something (sorry...)
> As I can see some kind of such notification service will be required to
> complete the nfnetlink patch, because in its current state it's totally
> uncapable of sending messages on conntrack state changes.
True. This is one of the first issues on my TODO after iptables-1.2.8
is released and some of the bugzilla bugs are closed.
> (And one possible typo in the patch: in nfnetlink_conntrack.c
> ctnetlink_create is not commented out, but there is no use of this
> function.)
I'm aware of that, thanks.
> Kovács Krisztián
--
- Harald Welte / laforge@gnumonks.org http://www.gnumonks.org/
============================================================================
"If this were a dictatorship, it'd be a heck of a lot easier, just so long
as I'm the dictator." -- George W. Bush Dec 18, 2000
[-- Attachment #2: Type: application/pgp-signature, Size: 232 bytes --]
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2003-01-21 10:01 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2003-01-20 17:11 nf/ctnetlink and notify Kovacs Krisztian
2003-01-21 10:01 ` Harald Welte
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.