Pablo Neira Ayuso wrote:
Krzysztof Oledzki wrote:
Any chances to make it more frendly to new helpers and compatible with
out-of-tree helpers by registering a name directly from a helper and
using it? We may for example introduce something like /proc/net/nf_helpers.
We may directly set the name of the helper using the string that
identifies it instead of this id. However, this means more memory
consumption but more flexibility. I have another patch here that uses
strings to do so. The problem is that helpers doesn't have a limitation
in the name length and I don't like the idea of having a field
"helper_name" with variable length inside the nf_conntrack object. We
could make some reasonable assumptions, like considering that the helper
name would not be larger than 32 bytes.
Limiting the name makes sense. The helper match can only match
on I think 16 bytes, and that seems big enough.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
