PATCH: new match: userindex

Patrick Schaaf bof at
Wed Dec 8 15:12:30 CET 2004

On Wed, Dec 08, 2004 at 03:04:09PM +0100, Ferry Huberts wrote:
> >> Kernel module for attaching a user specified index to a rule.
> >> It matches every packet in order to have no influence on packet
> >> matching,
> >> the only effect is to add a user index to a rule
> >
> > I think this is already covered - in extended form, i.e. arbitrary string
> > instead of an integer - by the comment match, found in patch-o-matic.
> I know, but I needed a leaner module

Did you have performance / memory consumption issues with comment,
that you won't have with your new module?

> Also, using a number is much simpler, at least for me :-)

There's nothing stopping you from putting a number (ASCII formatted)
into the comment string. Per match, this will waste roughly NR_CPU*252 byte.

How many annotations do you need? Is your main memory really that constrained?

best regards

More information about the netfilter-devel mailing list