From: Brad Fisher <brad@info-link.net>
To: Krzysztof Oledzki <olenf@ans.pl>
Cc: netfilter-devel@lists.netfilter.org,
Heiko Schlittermann <hs@schlittermann.de>
Subject: Re: Patch for ipt_time (to enable start > stop / crossing midnight)
Date: Wed, 04 Jan 2006 11:18:41 -0600 [thread overview]
Message-ID: <43BC0371.3050500@info-link.net> (raw)
In-Reply-To: <Pine.LNX.4.64.0601041758580.22709@bizon.gios.gov.pl>
Krzysztof Oledzki wrote:
>
>
> On Wed, 4 Jan 2006, Brad Fisher wrote:
>
>> I've also sent a couple of patches to add this functionality to
>> Fabrice and the dev list. I'd like to see it implemented at some
>> point, regardless of the patch used :) Another thing I know was an
>> issue in the past for me was a restriction on which hooks the time
>> match was allowed in. I believe my most recent patch (send on
>> 12/3/2003 i think) removed those restrictions and allowed it in all
>> hooks as well as allowing the time range to cross the midnight
>> boundary. Perhaps that issue has been resolved in the meantime
>> though, I haven't checked the code recently. I see there have also
>> been a few others who have sent patches to the mailing list to
>> address this issue as well.
>
>
> Currently, according to the code, ipt_time is allowed in PREROUTING,
> INPUT, FORWARD and OUTPUT. I believe the restriction can be relaxed in
> 2.6.x version now since it always gets timestamp only if packets does
> not contain one. We can fix 2.4.x version in the same way. Which other
> hooks are also useful? There is only one left - POSTROUTING. ;)
>
> Best regards,
>
> Krzysztof Olędzki
I recall having problems in the mangle table, so it was probably with
the POSTROUTING chain. My rules depended on the dst IP after NAT was
performed.
-Brad
next prev parent reply other threads:[~2006-01-04 17:18 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-01-04 14:27 Patch for ipt_time (to enable start > stop / crossing midnight) Heiko Schlittermann
2006-01-04 15:47 ` Krzysztof Oledzki
2006-01-04 16:36 ` Brad Fisher
2006-01-04 17:09 ` Krzysztof Oledzki
2006-01-04 17:18 ` Brad Fisher [this message]
2006-01-04 16:44 ` Heiko Schlittermann
2006-01-04 16:58 ` Krzysztof Oledzki
2006-01-05 9:41 ` Heiko Schlittermann
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=43BC0371.3050500@info-link.net \
--to=brad@info-link.net \
--cc=hs@schlittermann.de \
--cc=netfilter-devel@lists.netfilter.org \
--cc=olenf@ans.pl \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.