From: Mr Dash Four <mr.dash.four@googlemail.com>
To: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Cc: Jan Engelhardt <jengelh@medozas.de>,
netfilter@vger.kernel.org,
Netfilter Developer Mailing List
<netfilter-devel@vger.kernel.org>
Subject: Re: Xtables-addons 1.32/ipset-GENL 5.2
Date: Wed, 05 Jan 2011 15:52:07 +0000 [thread overview]
Message-ID: <4D2493A7.5070203@googlemail.com> (raw)
In-Reply-To: <alpine.DEB.2.00.1101050921130.23762@blackhole.kfki.hu>
> I fully appreciate your effort, however with it you forked ipset 5.x and
> now the two branches cannot talk to each other.
>
> I'm not convinced that ipset should be moved from nfnetlink to genetlink.
> It'd make life easier for the users at the beginning, however on the
> longer run it'd buy nothing and I believe ipset belongs to nfnetlink.
>
> I considered the idea of adding support of both protocols, however it
> might make the acceptance for kernel inclusion harder. I'm not happy.
>
Jozsef,
I have been thinking along similar lines with regards to ipset/xtables
for quite a while - I do not really need or use xtables apart from the
ipset part.
Up until now I have been compiling rpm which builds the main xtables
package and I also use a sepearate .spec file to create the kernel
modules (kmod-*.rpm). The process is by no means flawless (my post
history on here vouches that to be the case) so, waiting for ipset to be
integrated with xtables every time a new ipset version is released is
not always the best for me as a regular user of that package as your
comments above highlight.
What I am getting at is this - I will try to create a .spec file for
building a completely separate package which only deals with ipset and
leaves xtables aside as it is highly likely that I will dump xtables
once and for all as soon as I am able to create this package since I do
not need/use its features, apart from what ipset currently offers me.
As it stands, Fedora does not distribute ipset on its own, but as part
of the xtables package. I do not know whether this is going to change,
but as far as I am concerned the moment I am able to build a separate
ipset rpm which functions as it should, xtables is gone on all of my
machines. I presume ipset, too, generates/uses kernel modules - is that
the case?
next prev parent reply other threads:[~2011-01-05 15:52 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-01-04 4:14 Xtables-addons 1.32/ipset-GENL 5.2 Jan Engelhardt
2011-01-05 9:22 ` Jozsef Kadlecsik
2011-01-05 12:08 ` Jan Engelhardt
2011-01-05 15:52 ` Mr Dash Four [this message]
2011-01-05 20:29 ` Jozsef Kadlecsik
2011-01-06 2:11 ` Pablo Neira Ayuso
2011-01-06 3:21 ` Jan Engelhardt
2011-01-06 9:46 ` Jozsef Kadlecsik
2011-01-06 13:12 ` Pablo Neira Ayuso
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4D2493A7.5070203@googlemail.com \
--to=mr.dash.four@googlemail.com \
--cc=jengelh@medozas.de \
--cc=kadlec@blackhole.kfki.hu \
--cc=netfilter-devel@vger.kernel.org \
--cc=netfilter@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.