On Monday 2010-01-25 17:48, Patrick McHardy wrote: >Jan Engelhardt wrote: >> On Monday 2010-01-25 16:37, Patrick McHardy wrote: >> >>> netfilter: xtables: add CT target >>> >>> Add a new target for the raw table, which can be used to specify conntrack >>> parameters for specific connections, f.i. the conntrack helper. >>> >>> The target attaches a "template" connection tracking entry to the skb, which >>> is used by the conntrack core when initializing the new conntrack. >> >>> include/linux/netfilter/xt_CT.h | 13 ++ >>> include/net/netfilter/nf_conntrack_helper.h | 3 >>> net/netfilter/Kconfig | 6 + >>> net/netfilter/Makefile | 1 >>> net/netfilter/nf_conntrack_helper.c | 19 +++ >>> net/netfilter/xt_CT.c | 142 ++++++++++++++++++++++++++++ >>> 6 files changed, 184 insertions(+) >> >> Is it perhaps feasible to put the xt_CT code into an already existing >> .c file (e.g. xt_conntrack.c) to cut on module overhead? > >They're quite different, so those two don't fit together very well. >We could add NOTRACK support to xt_CT and deprecate the NOTRACK module. > Sounds like a plan. Will you take care of that, or should I add it to my list? -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
