Harald Welte's blog
   

RSS

Harald's Web
gnumonks.org
hmw-consulting.de
sysmocom.de

Projects
OpenBSC
OsmocomBB
OsmocomTETRA
deDECTed.org
gpl-violations.org
gpl-devices.org
OpenMoko
gnufiish
OpenEZX
OpenBeacon
OpenPCD
librfid
openmrtd
opentom.org
netfilter/iptables

Categories

Archives

Other Bloggers
David Burgess
Zecke
Dieter Spaar
Michael Lauer
Stefan Schmidt
Rusty Russell
David Miller
Martin Pool
Jeremy Kerr
Tim Pritlove (German)
fukami (German)
fefe (German)
Bradley M. Kuhn
Lawrence Lessig
Kalyan Varma

Aggregators
kernelplanet.org
planet.netfilter.org
planet.openezx.org
planet.openmoko.org
planet.foss.in

Ohloh profile for laforge
identi.ca
twitter
flattr
Linked in
Xing

Creative Commons License
Articles on this blog/journal are licensed under a Creative Commons Attribution-NoDerivs 2.5 License.


blosxom


Contact/Impressum

       
Fri, 22 Feb 2002
conntrack and nat helpers in 2.6.x

The last couple of days I'm trying to finalize the first release of patch-o-matic-ng. Everything seems really close now. A lot of patchlets available for 2.4.x however are missing for 2.6.x kernels. Maybe the biggest and most important lack is for all conntrack/nat helpers.

The reason is that the semantics for those helpers have completely changed. They now get fed non-linear skb's by the conntrack core, which in turn means that they all need to copy the skb payload into some temporary buffer in order to search for some particular string (e.g. PORT command).

The conntrack core should definitely provide some function that is able to look for strings within a packet. Need to think more about this.

[ /linux/netfilter | permanent link ]