On Wednesday 2011-11-30 19:22, Pablo Neira Ayuso wrote: >> >> As for 1, you can use genetlink, just as I do for the copy of ipset >> in xtables-addons. Being forced to use nfnetlink has been point of >> much discussion and ultimately, nobody was able to provide a >> technical reason on why nfnetlink is better. > >Well, few differences. With genetlink: > >* you have to send a message to look up for the ID first (to guess the > multicast group and subsystem IDs). That is to be expected and rather ok (usernames<->UID mapping is the very same issue in many a program). Adding myself, from the previous discussions, * one needs to listen for ID changes => I hope that genetlink can be tuned so as to pin modules while any socket to them is open, so that there will be no change. >* you don't know how many users will using the genetlink bus. You'll > have to share the bandwidth with them. That is rather a non-argument - you won't know many nfnetlink users there will be either. But anyway, this would only apply to mcast messages, and then only when you actually subscribed, does it not? -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
