On Nov 16 2007 15:22, Laszlo Attila Toth wrote:
>Addrtype match has a new revision (1), which lets address type checking
>limited to the interface the current packet belongs to. Either incoming
>or outgoing interface can be used depending on the current hook. In the
>FORWARD hook two maches should be used if both interfaces have to be checked.
Hey would not it be cool if this was bumped to xt_addrtype,
using .revision=0 with ipt_addrtype_info (with the old functionality),
and let .revision=1 use xt_addrtype_info (with the new functionality).
Much like the recently posted xt_tos/xt_owner.
>-struct ipt_addrtype_info {
>+enum
>+{
>+ IPT_ADDRTYPE_INVERT_SOURCE = 0x0001,
>+ IPT_ADDRTYPE_INVERT_DEST = 0x0002,
>+ IPT_ADDRTYPE_LIMIT_IFACE_IN = 0x0004,
>+ IPT_ADDRTYPE_LIMIT_IFACE_OUT = 0x0008,
>+};
>+
>+struct ipt_addrtype_info_v1 {
>+ u_int16_t source; /* source-type mask */
>+ u_int16_t dest; /* dest-type mask */
>+ u_int32_t flags;
>+};
>+
>+struct ipt_addrtype_info_v0 {
Is it actually ok to change ipt_addrtype_info into ipt_addrtype_info_v0?
It does not break binary compat, but source-level compat.
-
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
