* netfilter
@ 2002-07-16 1:55 Ed Street
2002-07-16 11:07 ` netfilter Stephen Smalley
0 siblings, 1 reply; 10+ messages in thread
From: Ed Street @ 2002-07-16 1:55 UTC (permalink / raw)
To: Selinux
Hello,
Started working with netfilter under Selinux and I noted that it was
grouped with ipchains and labeled as
/sbin/iptables system_u:object_r:ipchains_exec_t
Should this have a separate label and it's own te file?
Ed
--
You have received this message because you are subscribed to the selinux list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: netfilter
2002-07-16 1:55 netfilter Ed Street
@ 2002-07-16 11:07 ` Stephen Smalley
0 siblings, 0 replies; 10+ messages in thread
From: Stephen Smalley @ 2002-07-16 11:07 UTC (permalink / raw)
To: Ed Street; +Cc: Selinux
On Mon, 15 Jul 2002, Ed Street wrote:
> Started working with netfilter under Selinux and I noted that it was
> grouped with ipchains and labeled as
> /sbin/iptables system_u:object_r:ipchains_exec_t
>
> Should this have a separate label and it's own te file?
Only if it requires a distinct set of permissions and you want to enforce
that distinction in the policy.
--
Stephen D. Smalley, NAI Labs
ssmalley@nai.com
--
You have received this message because you are subscribed to the selinux list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 10+ messages in thread
* netfilter
@ 2004-05-26 2:18 sokhan heng
2004-05-27 8:11 ` netfilter John A. Sullivan III
2004-05-27 10:48 ` netfilter Henrik Nordstrom
0 siblings, 2 replies; 10+ messages in thread
From: sokhan heng @ 2004-05-26 2:18 UTC (permalink / raw)
To: netfilter-devel
Hi there
I wonder if I could ask you one question please about
netfilter? I wonder if it can be used to prioritise
traffic, by that I mean when two packets are sent to
the same destination, one can be delayed to let the
other packet pass first. if it can, can you tell me
what topic should I look for to get how to do that
please?
Yours sincerely
Sokhan H
__________________________________
Do you Yahoo!?
Friends. Fun. Try the all-new Yahoo! Messenger.
http://messenger.yahoo.com/
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: netfilter
2004-05-26 2:18 netfilter sokhan heng
@ 2004-05-27 8:11 ` John A. Sullivan III
2004-05-27 10:48 ` netfilter Henrik Nordstrom
1 sibling, 0 replies; 10+ messages in thread
From: John A. Sullivan III @ 2004-05-27 8:11 UTC (permalink / raw)
To: sokhan heng; +Cc: netfilter-devel
On Tue, 2004-05-25 at 22:18, sokhan heng wrote:
> Hi there
>
> I wonder if I could ask you one question please about
> netfilter? I wonder if it can be used to prioritise
> traffic, by that I mean when two packets are sent to
> the same destination, one can be delayed to let the
> other packet pass first. if it can, can you tell me
> what topic should I look for to get how to do that
> please?
>
> Yours sincerely
>
> Sokhan H
<snip>
I do not believe that is a netfilter function. You could take a look at
iproute2. The documentation is frequently found in a file named
ip-cref.ps
--
John A. Sullivan III
Chief Technology Officer
Nexus Management
+1 207-985-7880
john.sullivan@nexusmgmt.com
---
If you are interested in helping to develop a GPL enterprise class
VPN/Firewall/Security device management console, please visit
http://iscs.sourceforge.net
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: netfilter
2004-05-26 2:18 netfilter sokhan heng
2004-05-27 8:11 ` netfilter John A. Sullivan III
@ 2004-05-27 10:48 ` Henrik Nordstrom
1 sibling, 0 replies; 10+ messages in thread
From: Henrik Nordstrom @ 2004-05-27 10:48 UTC (permalink / raw)
To: sokhan heng; +Cc: netfilter-devel
On Tue, 25 May 2004, sokhan heng wrote:
> I wonder if I could ask you one question please about
> netfilter? I wonder if it can be used to prioritise
> traffic, by that I mean when two packets are sent to
> the same destination, one can be delayed to let the
> other packet pass first. if it can, can you tell me
> what topic should I look for to get how to do that
> please?
This is not the job of netfilter, but is instead done by the
shaping/queueing components in the Linux kernel. See the tc command and
related documentation.
Regards
Henrik
^ permalink raw reply [flat|nested] 10+ messages in thread
* netfilter
@ 2007-12-04 8:23 Rohit Gupta
2007-12-04 8:55 ` netfilter Jan Engelhardt
0 siblings, 1 reply; 10+ messages in thread
From: Rohit Gupta @ 2007-12-04 8:23 UTC (permalink / raw)
To: 'Patrick McHardy'; +Cc: netfilter-devel
Hello
I m new in this field would you plz at which point netfilter is interacting
with iptables application.
Thanks and Regards
Rohit Gupta
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: netfilter
2007-12-04 8:23 netfilter Rohit Gupta
@ 2007-12-04 8:55 ` Jan Engelhardt
0 siblings, 0 replies; 10+ messages in thread
From: Jan Engelhardt @ 2007-12-04 8:55 UTC (permalink / raw)
To: Rohit Gupta; +Cc: 'Patrick McHardy', netfilter-devel
>Hello
> I m new in this field would you plz at which point netfilter is interacting
>with iptables application.
>Thanks and Regards
>Rohit Gupta
"plz" consider the source, see the libiptc directory inside iptables.
^ permalink raw reply [flat|nested] 10+ messages in thread
* netfilter
@ 2014-10-24 18:43 Jamal Hadi Salim
2014-10-25 1:04 ` netfilter Jeff Kirsher
0 siblings, 1 reply; 10+ messages in thread
From: Jamal Hadi Salim @ 2014-10-24 18:43 UTC (permalink / raw)
To: netdev@vger.kernel.org
[-- Attachment #1: Type: text/plain, Size: 0 bytes --]
[-- Attachment #2: call_for_sponsors3.odt --]
[-- Type: application/vnd.oasis.opendocument.text, Size: 46534 bytes --]
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: netfilter
2014-10-24 18:43 netfilter Jamal Hadi Salim
@ 2014-10-25 1:04 ` Jeff Kirsher
0 siblings, 0 replies; 10+ messages in thread
From: Jeff Kirsher @ 2014-10-25 1:04 UTC (permalink / raw)
To: Jamal Hadi Salim; +Cc: netdev@vger.kernel.org
I assume you are looking for sponsers for 2015 since July 2014 has
already passed... :-)
On Fri, Oct 24, 2014 at 11:43 AM, Jamal Hadi Salim <jhs@mojatatu.com> wrote:
>
--
Cheers,
Jeff
^ permalink raw reply [flat|nested] 10+ messages in thread
* Netfilter
@ 2019-03-06 2:24 satya phanisree
0 siblings, 0 replies; 10+ messages in thread
From: satya phanisree @ 2019-03-06 2:24 UTC (permalink / raw)
To: netfilter-devel
Hi ,
We are looking at trying to retrieve the complete conntrack table
using libnetfilter_conntrack API's. But when we used the below
sequence of API's we see that the call back register is getting called
once for every entery in the conntrack table. The sequence of API's we
have used is as follows :
cb
..........
..........
nfct_snprintf ();<=====returns one entry from conntrack table
..........
..........
main
nfct_callback_register ( ); <===== NFCT_T_ALL to fetch all the enteries
ret = nfct_query ();
........
........
Is there a away for me to get the whole conntrack table in a single
invocation of single callback function ? So that the cb function not
called multiple times?
Thanks and Regards,
^ permalink raw reply [flat|nested] 10+ messages in thread
end of thread, other threads:[~2019-03-06 2:24 UTC | newest]
Thread overview: 10+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-10-24 18:43 netfilter Jamal Hadi Salim
2014-10-25 1:04 ` netfilter Jeff Kirsher
-- strict thread matches above, loose matches on Subject: below --
2019-03-06 2:24 Netfilter satya phanisree
2007-12-04 8:23 netfilter Rohit Gupta
2007-12-04 8:55 ` netfilter Jan Engelhardt
2004-05-26 2:18 netfilter sokhan heng
2004-05-27 8:11 ` netfilter John A. Sullivan III
2004-05-27 10:48 ` netfilter Henrik Nordstrom
2002-07-16 1:55 netfilter Ed Street
2002-07-16 11:07 ` netfilter Stephen Smalley
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.