[PATCH] NETFILTER: add support for invert condition (!) in
ipt_limit
Henrik Nordstrom
hno at marasystems.com
Tue Oct 18 10:33:18 CEST 2005
On Mon, 17 Oct 2005, Sven Schuster wrote:
> I know it's been a while since netfilter/iptables has been developed,
> but why wasn't isn't the inversion built into the netfilter/iptables
> core??
Mainly because the way iptables is designed makes it extremely hard to
extend the core with new attributes without breaking compatibility with
userspace (which is not allowed), while doing it in the matches is very
simple even if it leads to duplicated code.
Regards
Henrik
More information about the netfilter-devel
mailing list