Jan Engelhardt wrote:
On Monday 2009-01-12 08:18, Patrick McHardy wrote:
Jan Engelhardt wrote:
I can tell it is not (more like a missing feature if you will),
because /proc/net/ip_t* is for IPv4 only, and /proc/net/ip6_t*
is for IPv6 only. I had a patch somewhere that added a better
overview, let's see where in my git realms that disappeared...
>>
Its supposed to show the targets and matches *available* for
a family.
Possibly - I found no comment in the source.
It is older than xtables and has always worked that way. It doesn't
make sense to have the contents dependant on implementation details.
I also know that some UIs rely on having available modules shown,
IIRC one of them was shorewall. This needs to be fixed.
But the spartanic output of those proc files barely helps (especially
in light of multiple revisions), so here is the patch I spoke about,
refreshed and rebased, that solves the worries.
That seems a bit overkill. Text-based representation also doesn't seem
ideal, iptables already has this information and a cmdline user will
simply use "iptables ... -h" to get the supported option. For other
programs a binary representation would probably be easier to handle.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html