nf_conntrack [was Re: [PATCH 1/4] RFC: fast string matching
infrastrure for netfilter]
Patrick McHardy
kaber at trash.net
Fri Jan 14 04:16:19 CET 2005
Harald Welte wrote:
>>I think we should put ip_conntrack in maintenance mode, than we can
>>resync nf_conntrack and make changes like this before we submit it.
>>
>
>At last, we again agree :)
>
I've commited a TODO list for nf_conntrack (just off the top of my head)
to svn. Any further suggestions are appreciated.
Regards
Patrick
-------------- next part --------------
TODOs for nf_conntrack (last changed Jan 14 2005)
-------------------------------------------------
Some items are controversial, so make sure to get some feedback on
netfilter-develbefore working on any of these.
- Resync with latest ip_conntrack changes
- Function/structure name unification: s/nf_conntrack/nf_ct/
- Replace get_features stuff by ct_extend ?
- Don't waste space for IPv4 tuples (currently union with IPv6 tuples) ?
- kill ->confirm, nf_conntrack_confirm is generic
- Add nf_ct_get_afinfo for things like ip_ct_attach
- Some IPv4/IPv6 registered hook functions just call generic functions, this
means even longer call-chains. Add family argument to hook functions and
kill them ?
- IPv4 NAT
More information about the netfilter-devel
mailing list