Re: conntrack enhancement

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



(Re-send this again including CC)

Hi Florian,

I suspect this is for -j CONNMARK  --restore-mark / --save-mark ?

>> Yes, current thought is to shift bits when mark is restored.

Something like

skb->mark = ct->mark >> $lshift; ?

>> Yes, we shift ct marks.

I don't really understand how this is supposed to work.
Could you elaborate a bit?

>> It's common to run out of fwmark, skb->mark first. This suggestion basically attempts to 'grab' certain bits from ct->mark,
      so we can restore the desired bits into skb->mark. Once skb is marked correctly, we can easily achieve more versatile
      routing per skb. However, this solution is not going to be scalable in the future. Currently, we still have enough bits in ct->mark
      left, but way less bits left in skb->mark (which have been occupied by other features thats connectionless)...


Thanks,

Jack--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux