On Thursday 15 May 2008 14:34, Eric Leblond wrote: > Hello, > > On Thursday, 2008 May 15 at 14:21:23 +0500, Anton wrote: > > Regarding the performance of the lookup of the iptables > > rules for match inside the kernel, is there any plans > > to improve the behaviour or no plans in this area yet? > > Nf hipac is an alternative: http://www.hipac.org/ It looks like there is almost no development, but It would be good if i'm wrong > > > > > Do I miss anything? > > If you plan to use mark for QOS or routing why not simply > use native classifier of tc or "ip rule" ? Jan meant the exact case, I'm using this for shaper, so I would need to remake scripts to use IPMARK... hopefully it can also match networks... but this will give inflexibility in many cases, like ports > > One other thing to look at may be : > http://www.netfilter.org/projects/patch-o-matic/pom-exter >nal.html#pom-external-IPMARK > > BR, -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
