Harald Welte's blog

Getting back into netfilter/iptables work

I've been gone for long enough. Even though neither my RFID projects nor OpenMoko are anywhere close to be finished, I'm determined to get back into netfilter work again.

Started to catch up with mailing lists. There has been amazing progress, most notably the implementation of NAT for nf_conntrack, which finally should get us rid of the old ip_conntrack code in one of the upcoming kernel releases. No more support of two versions in parallel. And the ability to do IPv4 NAT and IPv6 connection tracking on the same machine. Isn't that all that we wanted? Not quite...

So for now, I'm participating in the discussions again, and I'm now also working on getting IPv6 interpreter plug-ins into ulogd2. The nfnetlink_log mechanism can happily send IPv6 packets to user space, it's just that ulogd2 doesn't yet know what to do with them. That needs to be changed.

Harald Welte's blog

	RSS Harald's Web gnumonks.org hmw-consulting.de sysmocom.de Projects OpenBSC OsmocomBB OsmocomTETRA deDECTed.org gpl-violations.org gpl-devices.org OpenMoko gnufiish OpenEZX OpenBeacon OpenPCD librfid openmrtd opentom.org netfilter/iptables Categories Root (1092) ccc (27) dect (2) electronics (21) gsm (126) osmocom-bb (7) knf (4) linux (699) a780 (39) conferences (128) cyberjack (4) gnuradio (5) gpl-violations (139) gspc (6) mobile (29) mrtd (35) netfilter (117) openmoko (52) opentom (7) samsung (1) via (23) misc (21) osmocom (13) personal (114) bollywood (17) taiwan (5) photography (9) politics (30) swpat (3) tetra (3) Archives 2013 (7) March (2) February (3) January (2) 2012 (31) December (1) November (1) September (2) June (4) May (6) April (2) March (8) February (1) January (6) 2011 (47) 2010 (96) 2009 (146) 2008 (106) 2007 (53) 2006 (154) 2005 (248) 2004 (198) 2003 (5) 2002 (1) Other Bloggers David Burgess Zecke Dieter Spaar Michael Lauer Stefan Schmidt Rusty Russell David Miller Martin Pool Jeremy Kerr Tim Pritlove (German) fukami (German) fefe (German) Bradley M. Kuhn Lawrence Lessig Kalyan Varma Aggregators kernelplanet.org planet.netfilter.org planet.openezx.org planet.openmoko.org planet.foss.in identi.ca twitter flattr Linked in Xing Articles on this blog/journal are licensed under a Creative Commons Attribution-NoDerivs 2.5 License. Contact/Impressum	Sat, 20 Jan 2007 Getting back into netfilter/iptables work I've been gone for long enough. Even though neither my RFID projects nor OpenMoko are anywhere close to be finished, I'm determined to get back into netfilter work again. Started to catch up with mailing lists. There has been amazing progress, most notably the implementation of NAT for nf_conntrack, which finally should get us rid of the old ip_conntrack code in one of the upcoming kernel releases. No more support of two versions in parallel. And the ability to do IPv4 NAT and IPv6 connection tracking on the same machine. Isn't that all that we wanted? Not quite... So for now, I'm participating in the discussions again, and I'm now also working on getting IPv6 interpreter plug-ins into ulogd2. The nfnetlink_log mechanism can happily send IPv6 packets to user space, it's just that ulogd2 doesn't yet know what to do with them. That needs to be changed. [ /linux/netfilter \| permanent link ]