From: Pablo Neira Ayuso <pablo@netfilter.org>
To: Giuseppe Longo <giuseppelng@gmail.com>
Cc: netfilter-devel@vger.kernel.org
Subject: Re: [iptables-compat PATCH 0/3] ebtables compat layer
Date: Sun, 24 Aug 2014 16:18:15 +0200 [thread overview]
Message-ID: <20140824141815.GA8186@salvia> (raw)
In-Reply-To: <1408699755-17785-1-git-send-email-giuseppelng@gmail.com>
On Fri, Aug 22, 2014 at 11:29:12AM +0200, Giuseppe Longo wrote:
> Hi Pablo,
> the btables-compat is almost ready,
At quick glance the approach looks correct to me. The parser and the
specific bridge code is well-encapsulated.
> I've fixed the issues with flags, there are two small issues
> to be fixed yet:
>
> - rules with logical interfaces are not deleted
> - when listing rule, the mask is printed when it's not set
>
> The filter table is working properly except these issues,
> that I'm going to fix in these days.
Great, I'm looking forward to having fixes for these. Please, let us
know if we can help.
On top of that, please, also rebase your patches to use the new
nft_xt_ctx structure so it remains consistent with the ip, ip6 and arp
compat code.
I'd like to see a v2 round soon.
> There is no support yet for nat and brouting,
> I'm working on checksum expr.
OK, I guess you mean the enhancement for payload to mangle packets.
> I would know what you have in mind for these patches,
> if you want to accept them when the issues are fixed
> even if there is no nat support yet or or what else?
I would like to see the filter code already in mainstream.
The bridge "NAT" (which is actually a simple stateless packet
mangling) will have to wait until we have support for this in the
kernel anyway.
> So I can organize the work to do.
>
> There are still some extensions that have to be moved
> to libxtables.
Please, make a short summary of those.
Thanks for your work.
prev parent reply other threads:[~2014-08-24 14:17 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-08-22 9:29 [iptables-compat PATCH 0/3] ebtables compat layer Giuseppe Longo
2014-08-22 9:29 ` [iptables-compat PATCH 1/3] xtables: bootstrap xtables-eb for nftables Giuseppe Longo
2014-08-22 9:29 ` [iptables-compat PATCH 2/3] nft-shared: make compare_matches as public Giuseppe Longo
2014-08-22 9:29 ` [iptables-compat PATCH 3/3] Operations for bridge family Giuseppe Longo
2014-08-24 14:18 ` Pablo Neira Ayuso [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140824141815.GA8186@salvia \
--to=pablo@netfilter.org \
--cc=giuseppelng@gmail.com \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).