Re: [PATCH 0/1] Conntrack event generation control, kernel part

Hi Jozsef,

Pablo Neira Ayuso wrote:
> I see, but something similar to nfnetlink_queue/NFQUEUE (per-process)
> together with an extended version of the `conntrack match' for events
> would be more flexible

Another very simple choice can be to add more multicast groups according to the sort of events. We can get finer-grained event selection while keeping it per-process. Currently, there are only three sorts of events: NEW, UPDATE and DESTROY. We can add more netlink multicast groups to allow user-space to select what kinds of events they are interested in.

I'm going to send a patch for this. The point here is to make event groups generic enough to make them useful for all sorts of applications.

--
"Los honestos son inadaptados sociales" -- Les Luthiers