On Fri, Oct 04, 2013 at 04:51:39PM +0800, Gao feng wrote: > Hi Pablo, > > On 10/01/2013 07:05 PM, Pablo Neira Ayuso wrote: > > Hi Gao, > > > > On Wed, Sep 25, 2013 at 03:38:43PM +0800, Gao feng wrote: > >> This patchset adds net namespace support for ipt_CLUSTERIP, > >> makes clusterip_configs,clusterip_lock and clusterip_procdir > >> per net namespace, and allow users in container to operate > >> the proper pernet resource of CLUSTERIP. > >> > >> Gao feng (6): > >> ipt_CLUSTERIP: make proc directory per net namespace > >> ipt_CLUSTERIP: make clusterip_list per net namespace > >> ipt_CLUSTERIP: make clusterip_lock per net namespace > >> ipt_CLUSTERIP: add parameter net in clusterip_config_find_get > >> ipt_CLUSTERIP: create proc entry under proper ipt_CLUSTERIP directory > >> ipt_CLUSTERIP: use proper net namespace to operate CLUSTERIP > > > > CLUSTERIP is a subset of the cluster match. The cluster match allows > > gateway configurations, which are not possible with CLUSTERIP. > > Yes, but seems ipt_CLUSTERIP is more popular.(from the result I seach through google) Fair enough, applied to nf-next. > > If you really need these, I can take them. But I'd be happy if you can > > check the cluster match to make sure there are no issue regarding net > > namespaces. > > > > I looked into the codes of cluster match module, and did some simple test, > it has no need to do with net namespace. works well in container :) thanks a lot of checking Gao. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
