Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: iptables: Devel

netfilter support in libnl

  

 
iptables devel RSS feed   Index | Next | Previous | View Threaded


philipc at snapgear

Sep 2, 2007, 10:09 PM

Post #1 of 5 (983 views)
Permalink
netfilter support in libnl
There have been comments in the past on this list about using libnl
for the netfilter netlink support, and since I would like to use a
common library api for all the netlink interfaces, I decided to give
it a go. These patches are the result of that.

Any comments welcome, particularly about whether this is still
something that is desired.

Some notes about the patches:
- only tested on an ARM platform
- only conntrack and log implemented (not queue)
- only dumping and monitoring implemented (no modifications)
- monitoring ct/log events requires copying all the netlink message
data into another object, which seems a bit inefficient
- I defined a cache to monitor log messages, so that it can find the
parser automatically, but not sure that caching log events makes sense
- I've added 'test' operations for some ct/log fields. None of the
other objects in libnl have these, but I think they are needed.


kaber at trash

Sep 3, 2007, 2:30 AM

Post #2 of 5 (918 views)
Permalink
Re: netfilter support in libnl [In reply to]
Philip Craig wrote:
> There have been comments in the past on this list about using libnl
> for the netfilter netlink support, and since I would like to use a
> common library api for all the netlink interfaces, I decided to give
> it a go. These patches are the result of that.
>
> Any comments welcome, particularly about whether this is still
> something that is desired.


Very nice, I think its still desirable to avoid having to
use multiple pretty similar libraries in case you also need
to use other netlink subsystems.

And I think LGPL is a much better choice than GPL for stuff
like this.

If you want to merge this upstream, you should probably CC
Thomas.


tgraf at suug

Sep 3, 2007, 2:59 AM

Post #3 of 5 (913 views)
Permalink
Re: netfilter support in libnl [In reply to]
* Patrick McHardy <kaber [at] trash> 2007-09-03 11:30
> Philip Craig wrote:
> > There have been comments in the past on this list about using libnl
> > for the netfilter netlink support, and since I would like to use a
> > common library api for all the netlink interfaces, I decided to give
> > it a go. These patches are the result of that.
> >
> > Any comments welcome, particularly about whether this is still
> > something that is desired.
>
>
> Very nice, I think its still desirable to avoid having to
> use multiple pretty similar libraries in case you also need
> to use other netlink subsystems.

I agree, it would be great if we could get rid of the almost
duplicate effort of nfnl attributes etc.

> And I think LGPL is a much better choice than GPL for stuff
> like this.

This is my fault, I intedend to use LGPL as stated in the COPYING
for some brain dead reason have been copying GPL headers from file
to file. I'm fixing this up right now.

> If you want to merge this upstream, you should probably CC
> Thomas.


kaber at trash

Sep 3, 2007, 3:05 AM

Post #4 of 5 (916 views)
Permalink
Re: netfilter support in libnl [In reply to]
Thomas Graf wrote:
> * Patrick McHardy <kaber [at] trash> 2007-09-03 11:30
>
>>And I think LGPL is a much better choice than GPL for stuff
>>like this.
>
>
> This is my fault, I intedend to use LGPL as stated in the COPYING
> for some brain dead reason have been copying GPL headers from file
> to file. I'm fixing this up right now.


I was actually under the impression that it already uses LGPL :)


tgraf at suug

Sep 3, 2007, 3:16 AM

Post #5 of 5 (917 views)
Permalink
Re: netfilter support in libnl [In reply to]
* Patrick McHardy <kaber [at] trash> 2007-09-03 12:05
> Thomas Graf wrote:
> > * Patrick McHardy <kaber [at] trash> 2007-09-03 11:30
> >
> >>And I think LGPL is a much better choice than GPL for stuff
> >>like this.
> >
> >
> > This is my fault, I intedend to use LGPL as stated in the COPYING
> > for some brain dead reason have been copying GPL headers from file
> > to file. I'm fixing this up right now.
>
>
> I was actually under the impression that it already uses LGPL :)

SVN head is LGPL, the latest release (very old) is still GPL :-)

iptables devel RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.