On 02.11.2010 21:52, David Miller wrote: > > H. Peter Anvin just mentioned something interesting to me, > basically it's the fact that when your prefix addresses > change on an interface in ipv6, this can invalidate your > netfilter rules. > > So it would be nice if there were some way to match "the > ipv6 prefix address on interface X", and through some > kind of caching this could be optimized so it wouldn't > really cost anything. > > Thoughts? Perhaps something similar to the IPv4 addrtype match would work? Basically it allows you to match on inet_addr_type() of the source or destination address. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
