ct_sync for Linux 2.6.10
KOVACS Krisztian
hidden at sch.bme.hu
Tue Jan 11 00:22:19 CET 2005
Hi,
After some more hacking on ct_sync, I've finally committed the Linux
2.6 version to a separate branch in the Netfilter SVN repository. The
README file and the example scripts have been updated to reflect the
numerous changes I've made while doing the porting and some
restructuring. The changes include:
* some important parameters of ct_sync can be tuned on-the-fly
using sysctl; the path under /proc has changed as well (see
README for more information)
* the required patchset touching core Netfilter parts has been
substantially simplified (many thanks to Pablo Neira for his new
per-packet conntrack notifiers patch)
* loadable module arguments have changed, the only mandatory
parameter is 'syncdev'
* the internal NOTRACK hook can be disabled (although this is not
recommended and may cause severe problems if used without the
necessary NOTRACK rules in place)
All the code can be found in the SVN repository at:
http://svn.netfilter.org/netfilter/branches/netfilter-ha/linux-2.6
or alternatively in my public GNU Arch (tla) archive here:
http://people.netfilter.org/hidden/archives/2005-public
To simplify the lengthy and complicated kernel patching procedure
using quilt, I've created a single patch of the current ct_sync snapshot
for Linux 2.6.10, it's available here:
http://people.netfilter.org/hidden/ct_sync/snapshots/
As always, I have to point out that this version of ct_sync has had
very limited testing until now, so it's still experimental quality code
not recommended for production systems.
--
Krisztian Kovacs
More information about the netfilter-devel
mailing list