From: Patrick McHardy <kaber@trash.net>
To: Bart De Schuymer <bdschuym@pandora.be>
Cc: Netfilter Development Mailinglist <netfilter-devel@lists.netfilter.org>
Subject: Re: [NETFILTER]: Kill ebt_ulog
Date: Sat, 23 Jul 2005 22:04:57 +0200 [thread overview]
Message-ID: <42E2A2E9.8050800@trash.net> (raw)
In-Reply-To: <1122148193.3382.16.camel@localhost.localdomain>
Bart De Schuymer wrote:
> Op za, 23-07-2005 te 17:52 +0200, schreef Patrick McHardy:
>
>>The upcoming code will be a generic replacement, so there's no need to
>>have ipt_ULOG/ebt_ulog except for backwards compatiblity reasons.
>>Is there actually a userspace daemon for ebt_ulog? In any case it makes
>>little sense to allocate a new netlink number for ebt_ulog since it
>>will break userspace compatiblity anyway.
>
> I wrote an example (see the ebtables CVS) that receives the netlink
> messages and prints out data for ping requests and replies.
> Gustavo Carneiro released some Perl code that handles the netlink
> messages (see http://ebtables.sourceforge.net/examples.html#easy). There
> is no full-blown full-featured daemon, I don't think that's always what
> people want anyway.
> What mechanism will let the user decide which packets should be sent to
> userspace? I think it would be a bad thing if {ip,eb}tables could no
> longer be used for that (it's not just backwards compatibility).
The QUEUE target will get a queue-number argument. Userspace can
register for different queues using netlink messages. All this
will be handled by the core to we don't need ipt_ULOG/ebt_ulog
anymore.
> I think changing the netlink number is a lot less drastic w.r.t.
> userspace compatibility than bluntly removing ebt_ulog. Perhaps it's my
> awful memory, but I seem to remember that ipt_ULOG and ebt_ulog could be
> used together. Anyway, it's sad that they can't share NETLINK_NFLOG,
> differentiation between both message flows is easily accomplished by the
> user with using a different netlink group number (but this issue should
> be fixed by the generic implementation).
The problem is that we can't create two kernel sockets for the same
netlink family. Netlink families are a scarce resource, so I don't think
it makes much sense to waste another one for a soon (couple of days)
deprecated mechanism. I propose to continue this discussion once the
new code is there, so we can see if it fits your needs.
Regards
Patrick
next prev parent reply other threads:[~2005-07-23 20:04 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-07-23 2:38 [NETFILTER]: Kill ebt_ulog Patrick McHardy
2005-07-23 2:40 ` Patrick McHardy
2005-07-23 11:50 ` Bart De Schuymer
2005-07-23 15:52 ` Patrick McHardy
2005-07-23 19:49 ` Bart De Schuymer
2005-07-23 20:04 ` Patrick McHardy [this message]
2005-07-23 21:34 ` Bart De Schuymer
2005-07-23 23:20 ` Patrick McHardy
2005-07-24 17:17 ` Harald Welte
2005-07-23 22:21 ` Carl-Daniel Hailfinger
2005-07-23 23:20 ` Patrick McHardy
2005-07-24 9:22 ` Bart De Schuymer
2005-07-24 17:25 ` Harald Welte
2005-07-25 0:52 ` David S. Miller
2005-07-25 7:11 ` Bart De Schuymer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=42E2A2E9.8050800@trash.net \
--to=kaber@trash.net \
--cc=bdschuym@pandora.be \
--cc=netfilter-devel@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.