newbie question about registering target

[Sandip Bhattacharya]

> The kernel module is only one half of a target's implementation. The other,
> additional, component is a target extension to the _userspace_ iptables
> program. Those are shared libraries, one per target, which need to
> be built and installed by working from the userlevel iptables source
> code directory. There, you'll find examples for all currently available
> targets, just like you found on the kernel side. It's about the same
> complexity as the kernel work, with the main focus on option parsing
> and filling the user/kernel target data definition structure.


Eeep. From the docs ,I thought the userspace one was "optional". <sheepish>

Just asking for my knowledge - even if the target has no options, why is 
there a need to provide an userspace module if the kernel has all the 
necessary information? Or is it just to provide an option for  message 
passing from userspace to kernel ?


> If you have the source tree, just look at userspace/extensions/.
> 

Doing that. Thanks.

- Sandip