Re: Firewall netlink question...
Daniel Stone (daniel@kabuki.eyep.net)
23 Jan 2001 18:33:48 +1100
On 22 Jan 2001 11:58:26 +0000, Scaramanga wrote:
> Hi,
> >> What was wrong with the firewall netlink? My re-implementation works great
> >> here. I can't see why anything else would be needed, QUEUE seems twice as
> >> complex. Unless with QUEUE the userspce applications can make decisions on
> >> what to do with the packet? In which case, it would be far too inefficient
> >> for an application like mine, where all i need is to be able to read the
> >> IP datagrams..
> >
> > It can modify and then reinject the packet if it so wishes.
>
> Excellent, I didn't pick up on that, with the cursory glance at the code i took.
>
> I wonder, would there be any interest/point in my NETLINK module, which
> provides a backward compatible netlink interface. There are a good few
> apps out there which rely on it, and its nice not to have to run a daemon
> and install a new library, and re-write them just to continue using them...
This is a great idea.
Seeing as we have the compatability for ipchains and ipfwadm, this can't
be an altogether thing. Plus, userspace hacks to detect kernel versions
are always bad.
> egg.microsoft.com: Remote operating system guess: Solaris 2.6 - 2.7
My all-time favourite is Microsoft-IIS/4.0 (Unix) mod_ssl/2.<whatever>
OpenSSL/0.9.4
--
Daniel Stone
Linux Kernel Developer
daniel@kabuki.eyep.net
-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
G!>CS d s++:- a---- C++ ULS++++$>B P---- L+++>++++ E+(joe)>+++ W++ N->++ !o
K? w++(--) O---- M- V-- PS+++ PE- Y PGP>++ t--- 5-- X- R- tv-(!) b+++ DI+++
D+ G e->++ h!(+) r+(%) y? UF++
------END GEEK CODE BLOCK------
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
Please read the FAQ at http://www.tux.org/lkml/