On Monday 2008-05-12 17:59, Patrick McHardy wrote: > cyx wrote: >> So there is no APIs we can use to manipulate the kernel's iptables, except >> invoking the "iptables" command from shell? so wired, it should be have some >> APIs to do the same as the "iptables" does. > > Unfortunately not, at least not for C. There is a perl-API, > but I forgot its name. Why does everything need a C API? head, tail, grep, sort, are all shell utilities without a C API yet they are used in an API-like fashion by the user: ls | grep foo | sort -r | tail -n 1 so I do not see anything wrong -- especially now that Henrik presented his patches -- to do the same with iptables. And it is not really hard to use pipe() from C. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
