On Wed, 19 Jan 2011, Patrick McHardy wrote: > Am 19.01.2011 22:54, schrieb Jozsef Kadlecsik: > > Hi Patrick, > > > > On Wed, 19 Jan 2011, Patrick McHardy wrote: > > > >>> +/* Interface to iptables/ip6tables */ > >>> + > >>> +#define SO_IP_SET 83 > >> > >> Just wondering if we should define this in relation to IP_BASE_CTL > >> or something like that to avoid possible clashes in the future. > > > > Or make it a module parameter? > > I don't think that makes sense, the option needs to be known to > userspace and is part of the ABI. My main concern was clashes with > other options added in the future since the definition doesn't > use any of the reserved ranges, like IP_CTL_BASE. I wasn't able > to figure how you arrived at the value 83 and how we can avoid > people reusing this value. The value was inherited from ippool, many many years ago. If/when iptables is linked against libmnl or alike, this remnant of the sockopt based protocol can completely be removed. I'll send the updated patches to netfilter-devel tomorrow. Best regards, Jozsef - E-mail : kadlec@xxxxxxxxxxxxxxxxx, kadlec@xxxxxxxxxxxx PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt Address : KFKI Research Institute for Particle and Nuclear Physics H-1525 Budapest 114, POB. 49, Hungary -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html