From: Amin Azez <azez@ufomechanic.net>
To: Amin Azez <azez@ufomechanic.net>
Cc: netfilter-devel@lists.netfilter.org, Patrick McHardy <kaber@trash.net>
Subject: Re: ipt_recent patch
Date: Wed, 03 May 2006 12:41:49 +0100 [thread overview]
Message-ID: <445896FD.60409@ufomechanic.net> (raw)
In-Reply-To: <445878C2.9080400@ufomechanic.net>
I actually think ipt_recent wants merging with ipt_set, by causing
ipt_set to maintain the insert time and refresh time of each set member.
What do you think? It will require taking the design behind ipt_recents
combine hash/list structure but I would suggest using a linked list
instead of an array to hold the time-ordered list.
Sam
Amin Azez wrote:
> Stephen Frost wrote:
>
>
>> I don't really see the use-case for these new options... Perhaps if it
>> was combined with an IP mask of some kind, ie: packets from 5 IPs in the
>> same /24 in the last 60 seconds, or some such. That could also be
>> accomplished by providing a way to tell ipt_recent to look for a mask
>> instead of individual IPs though. ie: For this table, consider any IPs
>> in the same /24 to be the 'same' IP.
>>
>> Anyway, they don't really affect how the module works as they just add
>> additional ways to check on the data stored in the tables, so I'm not
>> strongly against them just don't entirely see the point.
>>
>
>
> I agree that a mask ought also to be supplied, as /32 is equivalent to
> the same-ip anyway.
>
> Are you content to make that modification or do you wish me to?
> I won't be able to do so for week or two.
>
> Sam
>
next prev parent reply other threads:[~2006-05-03 11:41 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-02-17 17:37 ipt_recent fix Amin Azez
2006-02-20 16:12 ` [patch] ipt_recent Amin Azez
2006-03-04 10:00 ` Patrick McHardy
2006-03-07 15:48 ` Amin Azez
2006-03-08 12:16 ` Patrick McHardy
2006-03-13 17:47 ` ipt_recent patch Amin Azez
2006-03-22 14:26 ` Stephen Frost
2006-05-03 9:32 ` Amin Azez
2006-05-03 11:41 ` Amin Azez [this message]
2006-03-22 12:04 ` [patch] ipt_recent Amin Azez
2006-02-21 11:16 ` BUG: More ipt_recent queries Amin Azez
2006-02-21 16:28 ` Amin Azez
2006-03-04 10:13 ` Patrick McHardy
2006-03-06 3:04 ` Stephen Frost
2006-03-07 15:46 ` Amin Azez
2006-03-04 10:10 ` ipt_recent fix Patrick McHardy
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=445896FD.60409@ufomechanic.net \
--to=azez@ufomechanic.net \
--cc=kaber@trash.net \
--cc=netfilter-devel@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.