Cc'ing Patrick. On Sun, Mar 01, 2015 at 07:06:13PM +0100, Markus Kötter wrote: [...] > I'd love a response regarding the odds of getting the nft trace > functionality merged - I promise to continue working on it, clean > things up, I'll take care it is optional and does not tie nft to > libnetfilter_conntrack (e.g. for embedded platforms). You can use libmnl, I think there's a example on the tree, so you don't really need to rely on libnetfilter_log. It would be good to have a netlink interface to configure nf_log, to provide a replacement for the existing /proc interface and allow further configurability (indicate the nfnetlink log group instead of defaulting on zero). I agree the existing interface to configure the prefered logging stub is not nice. I think it's reasonable to have some tracing command intergrated into nft, but we still have to discuss the text output layout. No objections from my side if you want to get that rfc patch in better shape and send us patches. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
