Hi, On h, jan 21, 2008 at 02:23:25 +0100, Jan Engelhardt wrote: > On January 21 2008 10:11, Laszlo Attila Toth wrote: > >Jan Engelhardt wrote: > >> I just remembered that xt_socket (from tproxy) does an (explicit) socket > >> lookup. xt_owner on the other hand, takes the socket pointer from the skb -- > >> which of course only works in the output path. > >> > >> xt_owner is still in the 2.6.25 development queue, and because the two > >> modules are similar, I thought that maybe xt_owner could be merged with > >> xt_socket (doing a rename to xt_socket in the current net-2.6.25), > >> because they are quite close in their task. > >> > >> That would also allow xt_owner to be used in the input path. > >> > >> Opinions? > > > > Hello, > > > > That sounds great. > > > > Note that the socket match depends on tproxy core, also the tproxy would be > > partially merged into the net-2.25 tree. [...] > > Here is what I had in mind, please have a look. > http://dev.computergmbh.de/gitweb.cgi?p=linux;h=dev-xtsocket;a=shortlog This won't work: + sk = nf_tproxy_get_v4(iph->protocol, iph->saddr, iph->daddr, + hp->source, hp->dest, in, false); + if (sk != NULL) + nf_tproxy_put_sock(sk); + return sk; socket_mt_get() returns a struct sock * without holding a reference for that pointer. -- KOVACS Krisztian - To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html