[PATCH 1/3][CONNTRACK] Introduce flag facilities to take over
TCP connections
Pablo Neira Ayuso
pablo at netfilter.org
Wed Nov 29 15:27:17 CET 2006
Patrick McHardy wrote:
> Pablo Neira Ayuso wrote:
>> Hi Patrick,
>>
>> I reworked the previous patch based on some of your suggestions. Let me
>> know what you think.
>
> We're almost there :)
>
>> + /* skip window scale and flags dump if hard tracking is by passed */
>
> minor nitpick: bypassed
OK ;)
>> + NFA_PUT(skb, CTA_PROTOINFO_TCP_FLAGS_ORIGINAL, sizeof(u_int8_t),
>> + &ct->proto.tcp.seen[0].flags);
>> +
>> + NFA_PUT(skb, CTA_PROTOINFO_TCP_FLAGS_REPLY, sizeof(u_int8_t),
>> + &ct->proto.tcp.seen[1].flags);
>
> The attributes should contain the same data type in both directions,
> the receive side expects a structure.
how could the mask field make sense for the dumping?
--
The dawn of the fourth age of Linux firewalling is coming; a time of
great struggle and heroic deeds -- J.Kadlecsik got inspired by J.Morris
More information about the netfilter-devel
mailing list