On Wednesday 2010-03-03 19:41, Balaji Venkatamohan wrote: > >I need to use regular expressions inside the point of decision match >function. I could not use 'regex.h ' or any other standard C library >inside any of xt_*.c or xt_c*.h files. I could also see that none of the >netfilter match extensions have them. I would also like to know why is it >so? Regular expressions are not the cheapest, both time and memory-wise: you have to keep in mind NF runs in irq context. Furthermore, since you only see single packets rather than the connection stream, regexes prove to be far less useful. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
