On 14-Jun-2012, at 23:57, Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote:

> On Thu, Jun 14, 2012 at 02:18:33PM +0800, Deepak Jangid wrote:
>> Hello Netfilter team,
>>
>> I am seeking an infrastructure for mapping
>> conntrack (struct nf_conn) to a module private data structure as a context for
>> every connection.
>> I could not find any such.
>>
>> I can add the private info when I see a new connection.
>> conntrack destroy events can be caught to destroy the
>> private structure.
>> But the thing is there is no mechanism to store the
>> private info mapped to a connection. Either I will have to maintain
>> hash-tables, which is highly irrelevant, or edit the nf_conn which seems a
>> better way.
>>
>> What I was thinking is to have a list_head or a pointer
>> to a structure in nf_conn which can handle such scenarios.
>>
>> Does this seem generic? Well yes there is
>> conntrack_extend, but it is not generic to be usable by other modules.
>
> But my guess is that conntrack extensions is what you want. See
> net/netfilter/nf_conntrack_extend.c and
> net/netfilter/nf_conntrack_timestamp.c for one example.

Yes exactly, that is what I am talking about. But you see, struct nf_ct_ext_type .id is what is bugging me. It is not generic; I'll have to add an enum to use it. What I am suggesting is that we should make it generally registrable.

Well, you asked: what I am trying to do is make a 7th-layer application filter.

Best regards,
Deepak Jangid
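A userspace C model of the run-time registration proposed in the message above, as an added example that is not part of the thread and is not kernel code. Every identifier in it (`ext_register`, `ext_add`, `ext_find`, `struct conn_ext`, `struct l7_ctx`, `EXT_MAX`) is hypothetical; it shows that once extension ids are handed out at run time instead of fixed in an enum, every lookup has to validate the id before indexing with it.

```c
#include <stdlib.h>
#include <string.h>

/* Usage: id = ext_register(sizeof(struct l7_ctx), sizeof(long)) at module init,
 * ext_add(&c, id) on a new connection, ext_find(&c, id) per packet.
 * Every name here is hypothetical; none of this is a kernel API. */
#define EXT_MAX 8   /* assumed cap on registered extension types */
static struct ext_type { size_t len, align; int used; } ext_types[EXT_MAX];
struct conn_ext { unsigned present; size_t off[EXT_MAX], len; unsigned char *data; };
struct l7_ctx { unsigned proto; unsigned long bytes; };  /* sample private data */

/* Hand out the first free id at run time; -1 if full or align is not 2^n. */
int ext_register(size_t len, size_t align)
{
    if (!len || !align || (align & (align - 1)))
        return -1;
    for (int id = 0; id < EXT_MAX; id++)
        if (!ext_types[id].used) {
            ext_types[id] = (struct ext_type){ len, align, 1 };
            return id;
        }
    return -1;
}

/* The id is run-time data now, so bounds-check it before indexing. */
void *ext_find(const struct conn_ext *e, int id)
{
    if (id < 0 || id >= EXT_MAX || !(e->present & (1u << id)))
        return NULL;
    return e->data + e->off[id];
}

/* Attach a zeroed, aligned area; realloc may move areas added earlier. */
void *ext_add(struct conn_ext *e, int id)
{
    if (id < 0 || id >= EXT_MAX || !ext_types[id].used || ext_find(e, id))
        return NULL;
    size_t a = ext_types[id].align, start = (e->len + a - 1) & ~(a - 1);
    unsigned char *p = realloc(e->data, start + ext_types[id].len);
    if (!p)
        return NULL;
    memset(p + e->len, 0, start + ext_types[id].len - e->len);
    e->data = p;
    e->off[id] = start;
    e->len = start + ext_types[id].len;
    e->present |= 1u << id;
    return p + start;
}
```

Because `ext_add` can relocate the whole area, a caller should fetch its pointer again with `ext_find` after any other extension has been attached to the same connection.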