[Ipchains-dev] Add remaining hooks to iptables?

Paul Rusty Russell Paul.Russell@rustcorp.com.au
Tue, 31 Aug 1999 12:12:08 -0700


In message <37CA5D41.C601E1B0@GiS.NeT> you write:
> Hi Paul,
> 
> It would be nice to be able to do a -j QUEUE on the other two hooks
> supported
> by netfilter, but not by iptables (PRE_ROUTINE and POST_ROUTING).
> Currently, you have to use the redirect.o module or something similar.  Is
> this possible?

[ Note that the new netfilter list is cc:'d above ]

Packet filtering doesn't belong on those hooks, and I knew if I put
them there people would use them 8-).

A better idea might be to separate out the packet-classifier API from
iptables into a separate library, and then it's trivial to write an
iptables-like module which hooks into a different hook.  This would be
an enhanced redirect module, in essence.

Rusty.
--
Hacking time.