ip6t_ROUTE target

ip6t_ROUTE target

[Frank 'xraz' Fricke]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Folks!

I've written a ip6tables target for mangle/POSTROUTING to force
sending of packets with a specified interface. This makes
source-routing and multihoming without provider-transits possible
(at least at my site).

This was my first netfilter/kernel-work an was all done from
scratch - maybe it's alls wrong, but it really seem to do it's
job.
It's not working as a module because it uses rt6_lookup wich is not
exported - but i found it suitable for this case.

Could someone please review it?

Patches against stock 2.4.20 and iptables-1.2.8 are at:
http://duensch.org/xr/coding/linux-kernel/ip6t_ROUTE/

    ...Frank

- -- 
http://www.gnupg.org         |         http://xraz.de/gpg.key
Fingerpint: C1E1 0A5C 3733 F4F1 D59B 14F7 57C6 1784 8F78 8A2B
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE+xUc0V8YXhI94iisRAko+AKCRQJO1JR4r7+6j53rG/ty1UVx9/gCaA1vQ
N/zfmjHst7H7+Zyglf/4JZI=
=5/rD
-----END PGP SIGNATURE-----

Re: ip6t_ROUTE target

[Andras Kis-Szabo]

Frank 'xraz' Fricke ............................ (2003. május 16.)

Hi Frank,

> This was my first netfilter/kernel-work an was all done from
> scratch - maybe it's alls wrong, but it really seem to do it's
> job.
But the id of the file says libip6t_REJECT ;)
> It's not working as a module because it uses rt6_lookup wich is not
> exported - but i found it suitable for this case.
Probably it could be exported ... (in the future).
Until that we should set the mod.count to -1. ;)

As I know - the new modules should be added to 2.5.x. You have the old
Configure.help format instead of Kconfig.
You do not use the C99 initializers in the structures.

Could you update your patches?

Thank you in advance,

	kisza

-- 
    Andras Kis-Szabo       Security Development, Design and Audit
-------------------------/        Zorp, NetFilter and IPv6
 kisza@SecurityAudit.hu /----------------------------------------------->

Re: ip6t_ROUTE target

[Frank 'xraz' Fricke]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

sorry for the late reactionb. i was very busy last weeks.

On Mon, 19 May 2003 14:46:03 +0200
Andras Kis-Szabo <kisza@securityaudit.hu> wrote:

|As I know - the new modules should be added to 2.5.x. You have the old
|Configure.help format instead of Kconfig.

it was just planned as a hot fix as long as ip6-policy-routing does not
work. so i did it for 2.4. i'll check out how things work in 2.5 if this
target should go into.

|You do not use the C99 initializers in the structures.

i can not see where i should use them - can you give an example? kernel
hackers guid does not help me.

|Could you update your patches?

i'll make one for 2.4.21 soon because i need it and i'll also try to
produce one for 2.5.latest. unfortunately i have no seperate testing
system for unstable kernels so this could take a while.

|Thank you in advance,

thank YOU for all the good and free software :)

     ...Frank

- -- 
http://www.gnupg.org         |         http://xraz.de/gpg.key
Fingerpint: C1E1 0A5C 3733 F4F1 D59B 14F7 57C6 1784 8F78 8A2B
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE+6vR9V8YXhI94iisRAsH9AJ9Sg1KyEBxU3NDX6TravwUkHRitAgCbB7tc
bfce/xY9PKCY6WNnDP5wP1w=
=tQOJ
-----END PGP SIGNATURE-----

How to turn off power save for ipfilter based machine

[CHAKIB HANTOUS]

Sorry for disturb,
I'm configuring a firewall using netfilter, with Linux RedHat 9.0
when the machine rest for some minites, the power save disable the monitor,
and the network card also, so my ipfiletr tables is set to NULL and  my
route table also.
Is there  any one who can help me, to disable the power save on the net
card.