ipt_ulog.h versus ebt_ulog.h
Amin Azez
azez at ufomechanic.net
Wed Oct 19 11:41:58 CEST 2005
This becomes more important when I see that ebt_ulog and upt_ULOG
modules can't both be loaded into the kernel at the same time, and it
must be confusing for ULOG clients to have different structs passed
through depending whether ebtables or iptables sent the message.
Sam
Amin Azez wrote:
> Is there a strong reason why ebt_ulog.h log structure has
>
> char physindev[IFNAMSIZ];
> char physoutdev[IFNAMSIZ];
>
> and ipt_ulog.h structure does not support physdev?
>
> Also interesting that ebt_ulog has
> struct timeval stamp;
>
> but ipt_ulog has
> long timestamp_sec;
> long timestamp_usec;
>
>
> I'd like to supply a patch to address these issues for kernel space and
> user-space ulog tools, but I am soliciting feedback first.
>
> I think the first addition is more important than the second change.
>
> As a general principle although ebt_* /ipt_* network layer associations
> exist, these exist for matching criteria and it seems a bit strong to
> assume that just because the selection critera for the -J ULOG target
> was impemented in ipt_* or ebt_* that the ULOG reader is not interested
> in the entire frame. I mean this only to justify the change. I do also
> realise the ulog is to some degree now depracated.
>
> Sam
>
>
>
More information about the netfilter-devel
mailing list