Pablo Neira Ayuso wrote: > Patrick McHardy wrote: >> Jiri Pirko wrote: >>> Hi all. >>> >>> I want to ask if there is any particular reason for ipt_CLUSTERIP to support >>> only address length of 6 (ETH_ALEN)? It seems to me reasonable for this to work >>> even with another types of network hw with different addr_len. >> None that I'm aware of, but the length is also used in the ABI, >> so you presently can't supply larger addresses. > > Not directly related to this but I wanted to discuss this time ago. Now > that we have xt_CLUSTER I think that we can deprecate ipt_CLUSTERIP. If xt_cluster supports everything ipt_CLUSTERIP does, thats fine with me. > With regards to this issue, it seems arptables only support EUI-48 (6 > bytes) for ethernet addresses, so xt_CLUSTER would inherit the same > problem but the point would be to fix arptables (not sure if possible > now without breaking ABI or adding some versioning like iptables). arptables currently supports up to 16 byte long addresses. Increasing this is difficult since the addresses are embedded in struct arpt_arp. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
