[netfilter-cvslog] r3661 - trunk/iptables

laforge at netfilter.org laforge at netfilter.org
Sat Feb 12 22:03:42 CET 2005


Author: laforge at netfilter.org
Date: 2005-02-12 22:03:42 +0100 (Sat, 12 Feb 2005)
New Revision: 3661

Removed:
   trunk/iptables/CURRENT_ISSUES
   trunk/iptables/TODO
Log:
remove way outdated files


Deleted: trunk/iptables/CURRENT_ISSUES
===================================================================
--- trunk/iptables/CURRENT_ISSUES	2005-02-12 21:02:26 UTC (rev 3660)
+++ trunk/iptables/CURRENT_ISSUES	2005-02-12 21:03:42 UTC (rev 3661)
@@ -1,30 +0,0 @@
-save/restore problem of owner match
-	- userspace
-u32 match
-	- can wait
-XDMCP conntrack/nat
-	- can wait
-nf_debug stuff
-	- can wait
-ipt_ACCOUNT
-	- can wait
-UDP stream timeout (180s) doens't apply for first reply packet
-	- fix by Martin Josefsson, needs review/testing
-SLOG target
-	- no further work expected
-	- needs to be integrated with recent nfnetlink/ctnetlink
-loop detection / nf_hipac (mail from dec 15
-	- need time
-IPv6 REJECT target fix
-	- important, it's a pity that it's still broken
-bi-directional ftp state tracking
-	- do we want this?
-final ACK of a SYN - SYN/ACK - ACK tcp handshake establishes ASSURED
-	- patch is on list, needs testing + comments from kadlec
-expectations allegedly don't work on sparc64
-	- see <771F217D7A4AF84494632457889470A412D77A at bcmsg011.corp.ads>
-	- is this in bugzilla yet?
-new bytelimit match
-	- unify it with 'limit' for 2.5.x
-boolean MARK operations
-	- patch by Anders Fugmann, needs 64bit testing

Deleted: trunk/iptables/TODO
===================================================================
--- trunk/iptables/TODO	2005-02-12 21:02:26 UTC (rev 3660)
+++ trunk/iptables/TODO	2005-02-12 21:03:42 UTC (rev 3661)
@@ -1,66 +0,0 @@
-TODO List for netfilter / iptables. 
-Currently maintained by Harald Welte <laforge at gnumonks.org>
-
-Please inform me, if you want to work on any of the TODO items, so I
-can update this list and thus prevent two people doing the same work.
-
-CVS ID: $Id: TODO,v 1.71 2003/11/06 23:20:00 laforge Exp $
-
-IMPORTANT issues:
-- erroneously too-fast dropped conntrack for half-open TCP connections [JK]
-- --mac-source not working in FORWARD (manpage bug?) [BZ]
-- locally bound udp port can still be used for MASQ/SNAT [BZ]
-- unaligned access of nulldevname during string match [BZ]
-- unaligned access in interface match (ip_tables core)
-- update documentation to reflect newnat
-- release iptables-1.3.0-test (with new libiptc for speedup)
-- ipv6 ldp (igmp) and ndisc bypasses LOCAL_OUT hook
-
-TO BE INVESTIGATED:
-- packet counters on sparc64 platform [BZ]
-- conntrack helper not called for first packet (udp!)
-- different behaviour for first packet towards an l2-unresolved ip?
-
-NICE to have:
-- sysctl support for ftp-multi, irc-conntrack/nat, ftp-fxp [BZ]
-- port conntrack to IPv6 (code reuse?) 
-- ip_nat_ident module [BZ]
-- make iptables / ip6tables use the same codebase (as libiptc) [KA]
-- libipq reentrancy [JM]
-- compiling without O2 issue [BZ]
-- libipq runtime version, do before 1.2.5 [JM]
-- l3 independent ip_queue / ULOG (2.6)
-- add support for IRC tracking in opposite direction
-- Find mirrors for www.TLD.netfilter.org domains
-- example section on homepage
-- searchable mailinglist archives
-- faq-o-matic system
-
-FUTURE extensions:
-- dealing with fragmented expectation-causes (i.e. DCC chat split
-  over two packets, etc.)
-- conntrack / nat failover [HW]
-- unified nfnetlink for queue,ulog,conntrack (and more?) (2.5 issue)
-
-Userspace queuing for 2.5:
-- Integration with nfnetlink.
-- Multiple queues per protocol.
-- Netlink broadcast support.
-- Allow multiple reader/writers in userspace.
-- How to handle multiple protocols (e.g. use separate queue handlers
-  or a multiplexer like ipqmpd).
-- Peformance improvements: multipart messages, mmaped socket (possibly).
-- Simplify queuing logic, which is quite ugly at the moment. (BC suggested
-  removing logic from kernel).
-- Allow userspace to set nfmark.
-- Allow userspace to set queue length etc.
-- Possibly pass conntrack/NAT info to userspace with packet.
-
-======================================================================
-[BC]	Brad Chapman <kakadu_croc at yahoo.com>
-[HW]	Harald Welte <laforge at gnumonks.org>
-[JK]	Jozsef Kadlecsik <kadlec at blackhole.kfki.hu>
-[JM]	James Morris <jmorris at intercode.com.au>
-[KA]	Kiz-Szabo Andras <kisza at sch.bme.hu>
-[RR]	Paul 'Rusty' Russel <rusty at rustcorp.com.au>
-[BZ]	Included in Bugzilla System




More information about the netfilter-cvslog mailing list