Unless there are a real lot of these addresses that are permitted, and they
change rapidly, then I'd expect it would be a better design to get all the
valid URIs from the MySQL query on init and store them in a linked list.
Also, people already do this type of thing with an HTTP proxy like squid
before the HTTPd.
----- Original Message -----
From: "Rayed" <rayed@xxxxxxxxxxxx>
To: <netfilter@xxxxxxxxxxxxxxxxxxx>
Sent: Monday, April 30, 2007 2:18 PM
Subject: Forking inside netfilter queue
Hi,
I am building netfilter queue application, that implement simple HTTP
filter.
It basically will capture the packet, extract the URL, and issue MySQL
lookup to see if the address is permitted or blocked.
My only fear that address lookup will block the traffic until I get the
lookup reply, so I am thinking of using preforking model to fork 10-20
processes to handle the same queue.
Has any one done multi prcoess handling of the queue, is it even doable?
Rayed
