From: Hans Schillstrom <hans@schillstrom.com>
To: Jan Engelhardt <jengelh@medozas.de>
Cc: Pablo Neira Ayuso <pablo@netfilter.org>,
Hans Schillstrom <hans.schillstrom@ericsson.com>,
"kaber@trash.net" <kaber@trash.net>,
"netfilter-devel@vger.kernel.org"
<netfilter-devel@vger.kernel.org>,
"netdev@vger.kernel.org" <netdev@vger.kernel.org>
Subject: Re: [PATCH] NETFILTER module xt_hmark new target for HASH MARK
Date: Thu, 3 Feb 2011 18:40:36 +0100 [thread overview]
Message-ID: <201102031840.37099.hans@schillstrom.com> (raw)
In-Reply-To: <alpine.LNX.2.01.1102031731010.30984@obet.zrqbmnf.qr>
--
Mvh
Hasse Schillstrom
070-699 7150
On Thursday, February 03, 2011 17:32:07 Jan Engelhardt wrote:
>
> On Thursday 2011-02-03 17:08, Pablo Neira Ayuso wrote:
> >>> Hm, this is actually not straight forward to implement, you'll have to
> >>> use hook functions to avoid the module dependencies with conntrack and
> >>> that's pretty annoying.
> >>>
> >>> I don't come up with a good solution for this.
> >>
> >> If it loads conntrack always, there is the option to shovel it
> >> into xt_connmark.c.
> >
> >the problem is that Hans wants this not to depend on conntrack always.
>
> Well you porbably won't get around the nf_conntrack module dependency,
> but conntrack can still be disabled through CT --notrack
> if one does not like the runtime cost.
>
If you do put this in front of a bunch of load balancers,
there is probably a lot of traffic :-)
So that's the reason why I don't want do depend upon conntrack.
next prev parent reply other threads:[~2011-02-03 17:40 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-02-03 13:34 [PATCH 0/2] NETFILTER new target module, HMARK Hans Schillstrom
2011-02-03 13:34 ` [PATCH] NETFILTER module xt_hmark new target for HASH MARK Hans Schillstrom
2011-02-03 13:51 ` Pablo Neira Ayuso
2011-02-03 14:23 ` Hans Schillstrom
2011-02-03 15:42 ` Pablo Neira Ayuso
2011-02-03 16:01 ` Pablo Neira Ayuso
2011-02-03 16:06 ` Jan Engelhardt
2011-02-03 16:08 ` Pablo Neira Ayuso
2011-02-03 16:32 ` Jan Engelhardt
2011-02-03 17:40 ` Hans Schillstrom [this message]
2011-02-03 17:37 ` Hans Schillstrom
2011-02-04 13:17 ` Patrick McHardy
2011-02-04 13:20 ` Patrick McHardy
2011-02-03 13:34 ` [PATCH] NETFILTER userspace part for target HMARK Hans Schillstrom
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=201102031840.37099.hans@schillstrom.com \
--to=hans@schillstrom.com \
--cc=hans.schillstrom@ericsson.com \
--cc=jengelh@medozas.de \
--cc=kaber@trash.net \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
--cc=pablo@netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.