[PATCH] new 'tcpack' match
Jonas Berlin
xkr47 at outerspace.dyndns.org
Mon Apr 4 01:36:24 CEST 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Patrick McHardy wrote:
|> Matches TCP packets that has no payload, i.e. contains only ACKs.
|
| I can see that it would be useful, given all the half-working ACK
| matching rules for shaping floating around, but we already a tcp
| match, so it should be done in there, and, if possible, kept a little
I was thinking of this, but my mind tricked me into believing that it was a
too bold thing to do..
Speaking of tcp match.. would you happen to know when the "h" union of
sk_buff is instantiated?
~ a) first time someone does -p something
~ b) somewhere before the filter table
~ c) in a seemingly unpredictable fashion
~ d) ?
I kindof recall sometimes using it and oopsing the kernel because it was not
yet initialized.. The patch I posted currently starts from nh and calculates
the tcp header start itself.. :)
| bit more generic. Perhaps a data-len match option.
I was thinking of this too but couldn't think of much use for more specific
length-matching, so I thought I'd save a few cycles.. but ok if you think
it's the way to go, I go. :)
Any parameter name suggestions? "[!] --has-payload" ?
- --
- - xkr47
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFCUH32xyF48ZTvn+4RAk4DAJ9cnX1IXU6Qn0HuWoBoZvZPakpBAACeK/lY
PsmEkZ6Bk0G9cpixt0FaJic=
=j2oo
-----END PGP SIGNATURE-----
More information about the netfilter-devel
mailing list