On Tuesday 2008-07-01 15:08, Evgeniy Polyakov wrote: >> > >> >I'm not sure it is that simple. OSF uses common rules database >> >shared with OpenBSD (and other *BSDs as well), so converting it into u32 >> >match would require noticeble efforts. But in theory it is probably >> >doable. >> >> This would be preferrable in my opinion since they both allow >> programmable filters, but u32 appears to be more flexible. I'm >> very reluctant to add new iptables modules that don't increase >> expressiveness or provide other clear benefits since we already >> have an insane amount of modules. An iptables extension which you can use with -m osf --genre Linux but which internally uses xt_u32.ko would be the perfect solution ATM IMO. It would require a number of changes to the iptables API though... -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
