From: Laszlo Attila Toth <panther@balabit.hu>
To: Lutz Jaenicke <ljaenicke@innominate.com>,
David Miller <davem@davemloft.net>,
Patrick McHardy <kaber@trash.net>,
netdev@vger.kernel.org, netfilter-devel@vger.kernel.org
Subject: Re: [PATCHv6 iptables]Interface group match
Date: Thu, 29 Nov 2007 13:50:13 +0100 [thread overview]
Message-ID: <474EB585.30407@balabit.hu> (raw)
In-Reply-To: <20071123133933.GA31396@innominate.com>
Lutz Jaenicke írta:
> On Tue, Nov 20, 2007 at 02:14:28PM +0100, Laszlo Attila Toth wrote:
>> Interface group values can be checked on both input and output interfaces
>> with optional mask.
>
>> Index: extensions/libxt_ifgroup.c
>> ===================================================================
>> --- extensions/libxt_ifgroup.c (revision 0)
>> +++ extensions/libxt_ifgroup.c (revision 0)
>
>> + info->in_group = strtoul(optarg, &end, 0);
>
> This is somewhat inconsistent with the iproute patch which targets
> specific groups (with names).
> Should iptables be allowed to read "/etc/iproute2/rt_ifgroup"?
It would be good but cannot be used if a mask is set and only values
less than 256 can be used with names.
> There is no standard API like getservbyname()...
The code of iproute2 should be copied. If Patrick says it is ok, I'll
write this part.
>
> I do have a draft patch for physdev which is however against
> iptables-1.3.8 and linux-2.6.19 so it will need some more work
> but I will attach it for discussion.
Thanks. I will send soon for net-2.6.25 and iptables svn version.
-
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
next prev parent reply other threads:[~2007-11-29 12:50 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-11-20 13:14 [PATCHv6 0/3] Interface group patches Laszlo Attila Toth
2007-11-20 13:14 ` [PATCHv6 1/3] rtnetlink: setlink changes are unprotected; with single notification Laszlo Attila Toth
2007-11-20 13:14 ` [PATCHv6 2/3] Interface group: core (netlink) part Laszlo Attila Toth
2007-11-20 13:14 ` [PATCHv6 3/3] Netfilter Interface group match Laszlo Attila Toth
2007-11-20 13:14 ` [PATCHv6 iptables]Interface " Laszlo Attila Toth
2007-11-20 13:14 ` [PATCHv6 iproute 1/2] Added IFLA_NET_NS_PID as in kernel v2.6.24-rc1 Laszlo Attila Toth
2007-11-20 13:14 ` [PATCHv6 iproute 2/2] Interface group as new ip link option Laszlo Attila Toth
2007-11-23 13:25 ` Lutz Jaenicke
2007-11-23 13:39 ` [PATCHv6 iptables]Interface group match Lutz Jaenicke
2007-11-29 12:50 ` Laszlo Attila Toth [this message]
2007-11-29 16:16 ` Patrick McHardy
2007-11-29 16:23 ` Laszlo Attila Toth
2007-11-29 16:27 ` Patrick McHardy
2007-11-29 17:14 ` Jan Engelhardt
2007-11-29 17:15 ` Patrick McHardy
2007-11-27 13:10 ` [PATCHv6 3/3] Netfilter Interface " Patrick McHardy
2007-11-23 13:18 ` [PATCHv6 2/3] Interface group: core (netlink) part Lutz Jaenicke
2007-11-27 13:07 ` Patrick McHardy
2007-11-27 13:07 ` [PATCHv6 1/3] rtnetlink: setlink changes are unprotected; with single notification Patrick McHardy
2007-11-20 13:26 ` [PATCHv6 0/3] Interface group patches Jan Engelhardt
2007-11-20 13:52 ` Laszlo Attila Toth
2007-11-20 21:42 ` David Miller
2007-11-21 0:25 ` Patrick McHardy
2007-11-21 1:17 ` David Miller
2007-11-22 9:05 ` Laszlo Attila Toth
2007-11-21 15:56 ` Balazs Scheidler
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=474EB585.30407@balabit.hu \
--to=panther@balabit.hu \
--cc=davem@davemloft.net \
--cc=kaber@trash.net \
--cc=ljaenicke@innominate.com \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.