Re: [RFC] NAT tuple reservation

All of lore.kernel.org
 help / color / mirror / Atom feed

From: KOVACS Krisztian <hidden@balabit.hu>
To: netfilter-devel@lists.netfilter.org
Subject: Re: [RFC] NAT tuple reservation
Date: Fri, 28 Nov 2003 16:06:45 +0100	[thread overview]
Message-ID: <3FC76485.5000202@balabit.hu> (raw)
In-Reply-To: <3FB8DF90.5090505@balabit.hu>

   Hi,

KOVACS Krisztian wrote:
> ip_nat_setup_info_reserved(...): This is basically the same as 
> ip_nat_setup_info, except that it calls ip_nat_setup_info() with the 
> appropriate flag, and deletes the reservation in case of successful 
> allocation.

   Oh, one more question, suggested by Nikolai Dahlem: to be able to 
decide if ip_nat_setup_info() may allocate a reserved tuple, we need some 
kind of additional argument (flags). However, ip_nat_setup_info() is 
called from a number of places, for example NAT helpers. So, modifying 
ip_nat_setup_info() would mean those calls need to be updated.

   Nikolai suggested we could provide an ip_nat_setup_info_extended() 
function, and make ip_nat_setup_info be a simple call with the default 
flags. However, I feel that this flags attribute could be used more 
universally, for example, our transparent proxying patch already adds it, 
and uses it actively to bypass calling helpers.

   So, the question is: what about extending ip_nat_setup_info() with an 
additional flag attribute in the NAT core? Or should we stay with a 
"workaround" for now?

-- 
   Regards,
     Krisztian KOVACS

     prev parent reply	other threads:[~2003-11-28 15:06 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2003-11-17 14:47 [RFC] NAT tuple reservation KOVACS Krisztian
2003-11-17 22:29 ` Harald Welte
2003-11-18  7:47   ` KOVACS Krisztian
2003-11-18 16:57     ` Harald Welte
2003-11-19 10:21       ` KOVACS Krisztian
2003-11-28 15:06 ` KOVACS Krisztian [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=3FC76485.5000202@balabit.hu \
    --to=hidden@balabit.hu \
    --cc=netfilter-devel@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.