From: Pablo Neira Ayuso <pablo@netfilter.org>
To: Jan Engelhardt <jengelh@inai.de>
Cc: Netfilter Developer Mailing List
<netfilter-devel@vger.kernel.org>,
Netfilter user mailing list <netfilter@vger.kernel.org>
Subject: Re: Formal submission of Xtables2
Date: Thu, 13 Dec 2012 18:25:23 +0100 [thread overview]
Message-ID: <20121213172523.GB14333@1984> (raw)
In-Reply-To: <alpine.LNX.2.01.1212131623480.10856@nerf07.vanv.qr>
On Thu, Dec 13, 2012 at 05:41:28PM +0100, Jan Engelhardt wrote:
> On Thursday 2012-12-13 16:16, Pablo Neira Ayuso wrote:
>
> >On Thu, Dec 13, 2012 at 03:53:45PM +0100, Jan Engelhardt wrote:
> >[...]
> >> In my opinion, there is nothing wrong with keeping some concepts. A
> >> developer is not required to reevaluate and reinnovate every concept
> >> there has been just for the heck of it. (The old "evolution, not
> >> revolution" credo.) Throwing everything overboard generally does not
> >> turn out to work these days.
> >
> >Nobody is going to throw everything overboard. Nftables is backward
> >compatible while providing a new framework[,]
>
> That sounds just like xt2. Compatibility exists such that there is a
> defined mapping from xt1->xt2 rules (at one point I did write a
> setsockopt translator in the past...); the userspace tool mimics
> iptables in syntax, though I have allowed myself to not have certain
> options in the CLI tool.
We provided that compatibility layer that mimics iptables in Oct 2012
[1]. However, it seems you prefered to code it your way from almost
scratch, that's confusing.
> New framework, same thing, I guess. xt_core is independent of
> xt_nfnetlink and I do not see any hurdle in introducing new concepts
> if so desired.
We have already new concepts in nftables, have a look at it.
Please, I think this conversation just started spinning and the same
arguments are showing up over and over again, it's time to stop this.
[1] http://www.spinics.net/lists/netfilter-devel/msg23831.html
next prev parent reply other threads:[~2012-12-13 17:25 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-12-13 6:00 Formal submission of Xtables2 Jan Engelhardt
2012-12-13 11:00 ` Pablo Neira Ayuso
2012-12-13 11:36 ` Jan Engelhardt
2012-12-13 12:05 ` Pablo Neira Ayuso
2012-12-13 13:08 ` Jan Engelhardt
2012-12-13 14:28 ` Pablo Neira Ayuso
2012-12-13 14:53 ` Jan Engelhardt
2012-12-13 15:16 ` Pablo Neira Ayuso
2012-12-13 16:41 ` Jan Engelhardt
2012-12-13 17:25 ` Pablo Neira Ayuso [this message]
2012-12-13 18:19 ` Jan Engelhardt
2012-12-17 0:08 ` Pablo Neira Ayuso
2012-12-17 1:39 ` Jan Engelhardt
2012-12-17 9:53 ` Pablo Neira Ayuso
2012-12-17 10:12 ` Maciej Żenczykowski
2012-12-17 13:01 ` Jan Engelhardt
2012-12-17 14:30 ` Pablo Neira Ayuso
2012-12-17 20:51 ` Jan Engelhardt
2012-12-17 23:49 ` Jozsef Kadlecsik
2012-12-18 1:11 ` Jan Engelhardt
2012-12-18 1:51 ` Neal Murphy
2012-12-18 1:27 ` David Miller
2012-12-14 9:41 ` Andreas Herz
2012-12-14 18:49 ` Jan Engelhardt
2012-12-18 14:09 ` Andreas Herz
2012-12-16 23:57 ` Pablo Neira Ayuso
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20121213172523.GB14333@1984 \
--to=pablo@netfilter.org \
--cc=jengelh@inai.de \
--cc=netfilter-devel@vger.kernel.org \
--cc=netfilter@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.