Re: Starting point in netfilter development

netfilter-devel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Pablo Neira Ayuso <pablo@netfilter.org>
To: Florian Westphal <fw@strlen.de>
Cc: Quentin Headen <qheaden@phaseshiftsoftware.com>,
	netfilter-devel@vger.kernel.org
Subject: Re: Starting point in netfilter development
Date: Thu, 3 Jul 2014 11:18:59 +0200	[thread overview]
Message-ID: <20140703091859.GA4358@localhost> (raw)
In-Reply-To: <20140702204323.GA22753@breakpoint.cc>

On Wed, Jul 02, 2014 at 10:43:23PM +0200, Florian Westphal wrote:
> Quentin Headen <qheaden@phaseshiftsoftware.com> wrote:
> >  Florian Westphal <fw@strlen.de> wrote:
> > > nftables is currently under active development; f.e. you could
> > > add one of the missing iptables extensions such as hashlimit
> > > or nfacct.
> > 
> > Working on hashlimit for nftables sounds interesting.
> 
> Its not very beginner-friendly though.
> nfacct *might* be a bit simpler.

I think this proposal was a good idea, but just to avoid overlap.
Arturo already started some hacking on that.

We're still discussing the integration with the new nftables
transaction infrastructure, the idea is to add native nf_tables
commands to add/delete/dump accounting objects, but that would add
dependencies between nfnetlink_acct and nf_tables, which is something
that should only happen on demand.

> Maybe someone else has a better idea.

Working on userspace seems like a better option for a newbie, I'd
suggest. So I would point to detecting bugs in nft, file them into
netfilter's bugzilla and trying to fix them.

next prev parent reply	other threads:[~2014-07-03  9:19 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-06-30 13:03 Starting point in netfilter development Quentin Headen
2014-06-30 15:22 ` Florian Westphal
2014-07-01  1:45   ` Quentin Headen
2014-07-02 20:43     ` Florian Westphal
2014-07-03  9:18       ` Pablo Neira Ayuso [this message]
2014-07-05  5:15         ` Quentin Headen

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20140703091859.GA4358@localhost \
    --to=pablo@netfilter.org \
    --cc=fw@strlen.de \
    --cc=netfilter-devel@vger.kernel.org \
    --cc=qheaden@phaseshiftsoftware.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).