Jan Engelhardt wrote: > On Monday 2010-01-25 17:48, Patrick McHardy wrote: >> Jan Engelhardt wrote: >>> On Monday 2010-01-25 16:37, Patrick McHardy wrote: >>> >>>> netfilter: xtables: add CT target >>>> >>>> Add a new target for the raw table, which can be used to specify conntrack >>>> parameters for specific connections, f.i. the conntrack helper. >>>> >>>> The target attaches a "template" connection tracking entry to the skb, which >>>> is used by the conntrack core when initializing the new conntrack. >>>> include/linux/netfilter/xt_CT.h | 13 ++ >>>> include/net/netfilter/nf_conntrack_helper.h | 3 >>>> net/netfilter/Kconfig | 6 + >>>> net/netfilter/Makefile | 1 >>>> net/netfilter/nf_conntrack_helper.c | 19 +++ >>>> net/netfilter/xt_CT.c | 142 ++++++++++++++++++++++++++++ >>>> 6 files changed, 184 insertions(+) >>> Is it perhaps feasible to put the xt_CT code into an already existing >>> .c file (e.g. xt_conntrack.c) to cut on module overhead? >> They're quite different, so those two don't fit together very well. >> We could add NOTRACK support to xt_CT and deprecate the NOTRACK module. >> > Sounds like a plan. Will you take care of that, or should I add it > to my list? I'll take care of it and will include it in the next submission. Does anyone have an opinion on supporting specifying helper parameters? I'm considering adding something like 5 generically usable u32s and have helpers initialize parameters like FTP "loose" or SIP "direct_media" based on those. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
