Jan Engelhardt wrote:
On Thursday 2009-01-15 15:06, Pablo Neira Ayuso wrote:
Patrick McHardy wrote:
Jan Engelhardt wrote:
But the spartanic output of those proc files barely helps (especially
in light of multiple revisions), so here is the patch I spoke about,
refreshed and rebased, that solves the worries.
That seems a bit overkill. Text-based representation also doesn't seem
ideal, iptables already has this information and a cmdline user will
simply use "iptables ... -h" to get the supported option. For other
programs a binary representation would probably be easier to handle.
Agreed. The text-based interface seems to me like yet-another-interface
that users may (ab)use (like /proc/net/nf_conntrack, I have seen people
polling from it to display information, this was OK in the early days).
Following this basis, one may come and implement another text-based
interface to display the rule-set in the kernel and so on.
But is there an equivalent user tool and interface at this time
to obtain the same information?
No that I know of, but that doesn't matter as long as nobody has a
need for it.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html