matching on existing connections. (and QUEUE target again)

[Rusty Russell]

In message <20000709203407.A9092@aldem.net> you write:
> On Mon, Jul 10, 2000 at 03:50:25AM +1000, Terje Malmedal wrote:
> 
> > Is it possible to make a matching decision based on whether some other
> > connection exists?
> 
>   AFAIK, not (yet). It would be possible through userspace handling,
>   where we can check existing conntrack records and make decision.

I was thinking we'd handle this with an ident helper (minor code
change, so conntrack helpers can alter ctinfo).  It would be slow, but
we could walk the connection table on new ident connections, looking
for reply connections matching that IP address pair.

Rusty.
--
Hacking time.