Re: [PATCH 2/2 WIP nf-next] nft: implement the nf_tables_api changes to add osf signatures in nft

Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote:
> On Thu, Jul 12, 2018 at 01:03:00PM +0200, Florian Westphal wrote:
> > Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx> wrote:
> > > +extern struct list_head nft_osf_fingers[2];
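Review bot: the `[2]` in `extern struct list_head nft_osf_fingers[2];` is a bare magic number, and the declaration carries no comment saying what the two lists are indexed by or what protects them. A named constant or enum for the array size, plus a short comment on the index meaning and the locking or RCU rule for walking and updating the lists, would make this exported global easier to review. It is also worth asking whether the symbol needs to be visible outside the osf code at all, or whether accessor functions could keep the lists private to one file.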
> > 
> > How is this going to be used?
> > 
> > I find it weird to see this in netfilter core.
> 
> We can also place it as a struct nft_object_ops, but we'll need some
> infrastructure to define singleton objects, ie. allow to add only one
> single instance of the 'osf' fingerprints object that can be used the
> rule.

Why so complicated?
Where is this file coming from?
Do we even need a file?
Why/how does user care?

I get the feeling we only have this nfnl_osf tool because the iptables
uapi is smelly and can't do any better.

So again, what does this look like from the user's point of view?

Is it something that is going to be shipped with nft itself?
Is it something coming from external source?
What is this osf nft version going to be?

A statement?
An expression?

If so, what does it return?
Name of the OS found, in a register?