From: Pablo Neira Ayuso <pablo@netfilter.org>
To: Kristian Evensen <kristian.evensen@gmail.com>
Cc: netfilter-devel@vger.kernel.org
Subject: Re: [PATCH RFC nf_conntrack_tcp] Export ip_ct_tcp_state variables to userspace
Date: Tue, 17 Dec 2013 15:30:59 +0100 [thread overview]
Message-ID: <20131217143059.GA13342@localhost> (raw)
In-Reply-To: <CAKfDRXg2uok+E8+O+GsSJfBmNVyQR03iw=+EtT77su0LJcUbaw@mail.gmail.com>
On Tue, Dec 17, 2013 at 03:22:50PM +0100, Kristian Evensen wrote:
> Hi Pablo,
>
> Thank you very much for your reply.
>
> On Tue, Dec 17, 2013 at 2:16 PM, Pablo Neira Ayuso <pablo@netfilter.org> wrote:
> > We have limited bandwidth in the event path and this information would
> > be also included in those messages.
>
> Ah, I see, I missed that one. Thanks for letting me know.
>
> > Looking at the existing Netfilter userspace software that we have now,
> > I cannot see how we can benefit from this proposed feature.
>
> One example application I thought of was a "middlebox/router-version"
> of ss, with some added logic for for example identifying TCP
> connections.
I guess that application you refer can be the conntrack [1] userspace
tool.
I still don't see how that information can be useful to be included in
that output as it changes very fast and by polling you will only get
stale snapshots of what it's actually happening in the TCP tracking
subsystem.
[1] http://www.netfilter.org/projects/conntrack-tools/index.html
next prev parent reply other threads:[~2013-12-17 14:31 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-12-14 16:46 [PATCH RFC nf_conntrack_tcp] Export ip_ct_tcp_state variables to userspace Kristian Evensen
2013-12-17 13:16 ` Pablo Neira Ayuso
2013-12-17 14:22 ` Kristian Evensen
2013-12-17 14:30 ` Pablo Neira Ayuso [this message]
2013-12-17 14:50 ` Kristian Evensen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20131217143059.GA13342@localhost \
--to=pablo@netfilter.org \
--cc=kristian.evensen@gmail.com \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).