Patrick McHardy wrote:
> Pablo Neira Ayuso wrote:
>> Krzysztof Oledzki wrote:
>>> Any chances to make it more frendly to new helpers and compatible with
>>> out-of-tree helpers by registering a name directly from a helper and
>>> using it? We may for example introduce something like
>>> /proc/net/nf_helpers.
>>
>> We may directly set the name of the helper using the string that
>> identifies it instead of this id. However, this means more memory
>> consumption but more flexibility. I have another patch here that uses
>> strings to do so. The problem is that helpers doesn't have a limitation
>> in the name length and I don't like the idea of having a field
>> "helper_name" with variable length inside the nf_conntrack object. We
>> could make some reasonable assumptions, like considering that the helper
>> name would not be larger than 32 bytes.
> 
> Limiting the name makes sense. The helper match can only match
> on I think 16 bytes, and that seems big enough.

Fine, I have set it to the same size used in xt_helper (30 bytes, that
seems a lot to me, I actually prefer 16 bytes as you said).

BTW, the helper name support for libnetfilter_conntrack looks like the
patch attached.

-- 
"Los honestos son inadaptados sociales" -- Les Luthiers