From: Sven Anders <anders@anduras.de>
To: netfilter-devel@lists.netfilter.org
Subject: New iptables structure (was: [PATCH 1/2] ipt_MARK extension with backwards compatibilty...)
Date: Sat, 27 Nov 2004 11:45:24 +0100 [thread overview]
Message-ID: <41A85AC4.5080006@anduras.de> (raw)
In-Reply-To: <41A7B514.9030703@eurodev.net>
[-- Attachment #1: Type: text/plain, Size: 1651 bytes --]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Pablo Neira wrote:
| My idea, I don't know how crazy it is. Instead of using the size to
| guess the target/match version, we could steal 1 byte from char name[]
| to define a new field called version, so we could register different
| versions of a match/target.
Once again, we need a field more...
Wasn't there an suggestion to reuse the 'nfcache' field too??
Wasn't the need to an unique rule id posted?
What more???
Why not break compatibilty, if it hamper the development?
Admit it, the design has some flaws, why not eliminating them? You can not preserve the
compatibility forever! It you do it NOW (in the next 2.6 kernel release) you can rely on
the circumstance, that it will updated, because in the current kernel cycle, it will be
done more often. The longer you wait, the more difficult it will be!
To prevent further incompatibility, you can insert some reserved fields to the main
structure...
Comments welcome :-)
Regards
~ Sven
- --
~ Sven Anders <anders@anduras.de>
~ ANDURAS service solutions AG
~ Innstraße 71 - 94036 Passau - Germany
~ Web: www.anduras.de - Tel: +49 (0)851-4 90 50-0 - Fax: +49 (0)851-4 90 50-55
Rechtsform: Aktiengesellschaft - Sitz: Passau - Amtsgericht Passau HRB 6032
Mitglieder des Vorstands: Sven Anders, Marcus Junker, Michael Schön
Vorsitzender des Aufsichtsrats: Dipl. Kfm. Karlheinz Antesberger
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD4DBQFBqFrD5lKZ7Feg4EcRAohvAKCD53V3uhC/b2EBWQvjSlHzKQdXrQCYu7iy
FnXEAMJ0SKVKwID2d3yUIw==
=2wlB
-----END PGP SIGNATURE-----
next prev parent reply other threads:[~2004-11-27 10:45 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-11-25 4:49 [PATCH 1/2] ipt_MARK extension with backwards compatibility (kernel side) Rusty Russell
2004-11-26 22:58 ` Pablo Neira
2004-11-27 10:45 ` Sven Anders [this message]
2004-11-27 14:14 ` New iptables structure (was: [PATCH 1/2] ipt_MARK extension with backwards compatibilty...) Bart De Schuymer
2004-11-28 20:45 ` New iptables structure Pablo Neira
2004-11-29 12:27 ` New iptables structure (was: [PATCH 1/2] ipt_MARK extension with backwards compatibilty...) Henrik Nordstrom
2004-12-07 21:20 ` [PATCH 1/2] ipt_MARK extension with backwards compatibility (kernel side) Pablo Neira
2004-12-08 5:44 ` Rusty Russell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=41A85AC4.5080006@anduras.de \
--to=anders@anduras.de \
--cc=netfilter-devel@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.