Re: [PATCH 01/12] IP set core support

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, 19 Jan 2011, Patrick McHardy wrote:

> Am 19.01.2011 22:54, schrieb Jozsef Kadlecsik:
> > Hi Patrick,
> > 
> > On Wed, 19 Jan 2011, Patrick McHardy wrote:
> > 
> >>> +/* Interface to iptables/ip6tables */
> >>> +
> >>> +#define SO_IP_SET		83
> >>
> >> Just wondering if we should define this in relation to IP_BASE_CTL
> >> or something like that to avoid possible clashes in the future.
> > 
> > Or make it a module parameter?
> 
> I don't think that makes sense, the option needs to be known to
> userspace and is part of the ABI. My main concern was clashes with
> other options added in the future since the definition doesn't
> use any of the reserved ranges, like IP_CTL_BASE. I wasn't able
> to figure how you arrived at the value 83 and how we can avoid
> people reusing this value.

The value was inherited from ippool, many many years ago.

If/when iptables is linked against libmnl or alike, this remnant of the 
sockopt based protocol can completely be removed.

I'll send the updated patches to netfilter-devel tomorrow.

Best regards,
Jozsef
-
E-mail  : kadlec@xxxxxxxxxxxxxxxxx, kadlec@xxxxxxxxxxxx
PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt
Address : KFKI Research Institute for Particle and Nuclear Physics
          H-1525 Budapest 114, POB. 49, Hungary
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux