Re: [iptables PATCH 1/2] Add iptables support for the TPROXY target

All of lore.kernel.org
 help / color / mirror / Atom feed

From: KOVACS Krisztian <hidden@sch.bme.hu>
To: Jan Engelhardt <jengelh@medozas.de>
Cc: Patrick McHardy <kaber@trash.net>, netfilter-devel@vger.kernel.org
Subject: Re: [iptables PATCH 1/2] Add iptables support for the TPROXY target
Date: Wed, 15 Oct 2008 10:22:06 +0200	[thread overview]
Message-ID: <200810151022.06435@nessa> (raw)
In-Reply-To: <alpine.LNX.1.10.0810150412020.10924@fbirervta.pbzchgretzou.qr>

Hi,

On Wednesday 15 October 2008, Jan Engelhardt wrote:
> On Wednesday 2008-10-15 04:10, KOVACS Krisztian wrote:
> >Add user-space code for the TPROXY target.
> >
> >+++ b/include/linux/netfilter/xt_TPROXY.h
> >@@ -0,0 +1,14 @@
> >+#ifndef _XT_TPROXY_H_target
> >+#define _XT_TPROXY_H_target
> >+
> >+/* TPROXY target is capable of marking the packet to perform
> >+ * redirection. We can get rid of that whenever we get support for
> >+ * mutliple targets in the same rule. */
> >+struct xt_tproxy_target_info {
> >+	u_int32_t mark_mask;
> >+	u_int32_t mark_value;
> >+	__be32 laddr;
> >+	__be16 lport;
> >+};
>
> A bit of forward planning would not have been bad; like using a
> "union nf_inet_addr laddr" for a future IPv6 expansion, since those
> pesky structs (xt_mymodule) tend be quite fixed and when they change,
> they require a new revision.

You're right. However I don't consider adding a new revision much of a 
problem when adding IPv6 support -- that is a major new feature anyway.

But I think we're still on time: feel free to submit a patch to DaveM 
which changes the kernel side as well as a patch to the iptables modules.

Thanks a lot!

-- 
KOVACS Krisztian

next prev parent reply	other threads:[~2008-10-15  8:22 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2008-10-15  8:10 [iptables PATCH 1/2] Add iptables support for the TPROXY target KOVACS Krisztian
2008-10-15  8:13 ` Jan Engelhardt
2008-10-15  8:22   ` KOVACS Krisztian [this message]
2008-10-15  9:52     ` Patrick McHardy
2008-10-15 10:30       ` KOVACS Krisztian
2008-10-15  9:50 ` Patrick McHardy

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=200810151022.06435@nessa \
    --to=hidden@sch.bme.hu \
    --cc=jengelh@medozas.de \
    --cc=kaber@trash.net \
    --cc=netfilter-devel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.