[PATCH 1/4] Fix expectaction mask dumping, take #3
kaber at trash.net
Thu Feb 23 10:43:32 CET 2006
Yasuyuki KOZAKAI wrote:
> From: Patrick McHardy <kaber at trash.net>
> Date: Thu, 16 Feb 2006 21:11:01 +0100
>>Yes, but until then it looks totally redundant. Since the bandwidth
>>of netlink is limited, I think we shouldn't add new attributes without
>>really needing them.
> 'l3num' field in expectation mask may be 0xff. Then the new field is
> necessary so that kernel can pass the "exact value" in it to userspace.
> But, I don't know whether userspace really wants to know the exact value
> in it or not. I assumed, yes, but if it is not ture, I'll agree to Patrick.
My point was that a mask is pretty meaningless without the thing it
masks, which is the tuple (except maybe a mask of all-zeros). The tuple
itself already contains the correct protocol number.
More information about the netfilter-devel