Patrick McHardy wrote:
Pablo Neira Ayuso wrote:
heitzenberger@xxxxxxxxxx wrote:
Also implement garbage collection to account for the fact that netlink
messages are sometimes lost (ENOBUFS) on busy sites.
Well, this NFCT stuff is a big hack. I'm sure that you have solved
several issues with those patches but sorry, I don't like them at all.
There's several parts of conntrackd that we could use to rework this eg.
an implementation of a generic hash table in conntrackd that we can
reuse and nfnl_recv_msgs looks very similar to nfnl_catch, etc. Also,
the ENOBUFS handling is still a mess. I'm better keeping back these NFCT
patches. I'll try to give some spins to it.
What exactly are your objections? From what I can see it simply
improves performance of the existing code and cleans it up a bit.
Generally speaking, conntrackd doesn't matter here in my opinion,
features are either present in the libraries or have to be implemented
in users of the same. Demanding that code uses foreign non-library
code in a execve-fashion is just not reasonable.
-
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
