Re: [PATCH RFC] netfilter: nf_tables: extend tracing infrastructure

On 12.11, Florian Westphal wrote:
> RFC for the kernel-side of the tracing changes.
> 
>  The first 128 bytes of the packet data is also dumped to userspace, currently
>  limited to when we do the initial 'skb->nf_trace=1' assignment in nft_meta.c
> 
>  Patrick, I saw your idea wrt. dumping register contents instead, but it
>  seems both complex and 'backwards' to me -- isn't the 'meta set nftrace'
>  rule already a selector, i.e. user would say something like
> 
>  'tcp port 22 limit rate 1/second meta nftrace set 1'
> 
>  So I'm not sure it's right to extend nftrace with additional selectors (it's
>  also possible that I failed to understand what you were suggesting 8-} )

Yeah, it was about the data that we dump, to make that explicitly selectable.
The idea was that you could explicitly specify to dump let's say tcp dport, skuid
and cpu number. But it might not work since we'd have to propagate that
selection along with the packet, so I guess, please forget about it :)
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


