Patrick McHardy wrote: > Pablo Neira Ayuso wrote: >> Jan Engelhardt wrote: >>> What will netlink bring us, with respect to the two states: >>> - old iptables, new kernel >>> - new iptables, old kernel >>> so matching some UUIDs (and .revision is one, more or less) seems >>> like the way >>> to go. >> >> Netlink doesn't stick us to fixed structure layouts as it happens to the >> current interface since we represent the messages kernel <-> userspace >> in TLV (type-length-value) format. Thus, userspace and kernel won't >> share structures and new features just require a new type. For that >> reason, the netlink interface won't require such revision infrastructure. >> >> Not that I'm against your patches, I'm just stating the right direction >> to go for those 5-10 years that you have mentioned. And of course, we >> don't have a single line of such interface at the moment :) > > > Actually we do, I've been working on it, but had to interrupt > for some other stuff. I hope to get back to it over christmas > and beginning of next year. The goal is to add a compat layer > for old iptables userspace, but I don't really care about how > ugly it gets since we hopefully never have to look at it again > until its removal :) Cool, consider putting it somewhere, I'm willing to contribute to it ;). BTW, if nobody complains I'll release iptables 1.4.0 final between today and tomorrow. -- "Los honestos son inadaptados sociales" -- Les Luthiers - To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
