Hi Kristian, On Sat, Dec 14, 2013 at 05:46:11PM +0100, Kristian Evensen wrote: > From: Kristian Evensen <kristian.evensen@xxxxxxxxx> > > Several of the TCP state variables tracked by conntrack are interesting for > userspace applications. This patch adds additional netlink attributes and > exports the rest of the variables contained in the ip_ct_tcp_state-struct, as > well as retrans from struct ip_ct_tcp. The size of the netlink message > increases, but as protoinfo is only called on get/dump, I don't think the > increased buffer requirement should be a problem. We have limited bandwidth in the event path and this information would be also included in those messages. > One example of a use case for these variables is to make monitoring of TCP > connections on middleboxes easier and more efficient. Applications would no > longer have to detect and keep track of TCP connections them self, they could > rather rely on the information provided by conntrack. By monitoring the > development of the sequence numbers and the window size, and using snapshots of > retrans, one could for example detect the type of tcp flow (thin/thick) and say > something about the quality of the link. Looking at the existing Netfilter userspace software that we have now, I cannot see how we can benefit from this proposed feature. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
