summaryrefslogtreecommitdiff
path: root/2003/netfilter-curdevel-lt2003/curdevel
diff options
context:
space:
mode:
Diffstat (limited to '2003/netfilter-curdevel-lt2003/curdevel')
-rw-r--r--2003/netfilter-curdevel-lt2003/curdevel19
1 files changed, 19 insertions, 0 deletions
diff --git a/2003/netfilter-curdevel-lt2003/curdevel b/2003/netfilter-curdevel-lt2003/curdevel
new file mode 100644
index 0000000..07f11d7
--- /dev/null
+++ b/2003/netfilter-curdevel-lt2003/curdevel
@@ -0,0 +1,19 @@
+- pkttables
+ - linked lists instead of blob
+ - explain current situation
+ - dynamic rulesets are slow with iptables
+ - independent of layer 3 protocol
+ - current code duplication between [ip|ip6|arp]tables
+ - some matches (mac, interface, ...) are independent anyway
+- nfnetlink
+ - idea
+ - ctnetlink
+ - iptnetlink / pkttnetlink
+ - ulog/queue port to it
+ - libnfnetlink, libctnetlink, libpkttnetlink
+- libiptables / libpkttnetlink
+ - high-level API for rule-manipulation
+ - covering all the plugins which are currently part of iptables
+
+- failover / load balancing for stateful firewalls
+ - slides from OLS
personal git repositories of Harald Welte. Your mileage may vary