condition for 2.6.16
Patrick McHardy
kaber at trash.net
Fri Apr 28 17:34:22 CEST 2006
KOVACS Krisztian wrote:
> Hi,
>
> On Friday 28 April 2006 15.07, Patrick McHardy wrote:
>
>>hard-coded size, but either way I don't like introducing this
>>limitation just to work around the small uglyness required to
>>keep a pointer inside the per-instance match data. We already
>>have multiple precedents for this.
>
>
> Indeed, there are multiple precedents for this. For example: CLUSTERIP
> (already in mainline) is by far the ugliest hack I've seen in any Netfilter
> code. :)
Hehe :) Yes, its not nice, but I refuse to add stupid limits just
because the infrastructure can't cleanly support per-instance state
(which is what makes it ugly, its not the shared state). And its not
so bad, the uglyness comes down to two or three extra lines of code,
one additional pointer in the data structure and one offsetof in
userspace.
More information about the netfilter-devel
mailing list