On Wednesday 2009-02-11 15:37, Patrick McHardy wrote: > Jesper Dangaard Brouer wrote: >> On Mon, 9 Feb 2009, Ignacy Gawedzki wrote: >>> My question was not about how to prevent the machine from crashing, but >>> rather >>> how are we supposed to manipulate iptables, now that libiptc is not >>> available. >>> <cut> >> >> I would propose that we add libiptc again. >> >> Possibly as a shared library, like we have libxtables.so? >> >> Controlling API/ABI changes is going to be a lot harder when people starts to >> incorporate the libiptc code into their own source distributions. (I'm also >> guildy with the Perl IPTables::libiptc package...) >> >> Patrick, what do you say? > > Agreed on your reasoning. I don't have much of an opinion, we > mainly tried to hide it because it was never suitable for anything > else than a short "iptables ..." command because of memory leaks > etc. I think we're a lot better with this nowadays, if we can > get the worst remaining ones plugged and somewhat of a usable > API we can certainly add it as a library. > I have the code ready, it is easily mergeable-and-revertible(*) too, but let's wait with that because it currently relies on a certain revision of Makefile.am (IOW: merge conflicts with nf). (*) That is, changing it from 'lib_LTLIBRARIES' to 'noinst_LTLIBARIES' and it automatically becomes static wrt. the executables again. Oh I love automake :) git://dev.medozas.de/iptables iptc -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
