Pablo Neira Ayuso wrote:
+enum xt_cluster_flags {
+ XT_CLUSTER_F_INV = (1 << 0)
+};
+
+struct xt_cluster_match_info {
+ u_int32_t total_nodes;
+ u_int32_t node_mask;
+ u_int32_t hash_seed;
+ u_int32_t flags;
+};
This doesn't seem like such a hot idea. I haven't seen the new
userspace patch, but assuming you're interested in the flags and
not ignoring them in userspace, the user has to specify the hash
seed for rule deletions.
You also have to chose the same seed for all nodes in a cluster.
This seems needlessly complicated, I'd suggest to simply use zero.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
