diff options
Diffstat (limited to '2003/netfilter-curdevel-lt2003/curdevel')
-rw-r--r-- | 2003/netfilter-curdevel-lt2003/curdevel | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/2003/netfilter-curdevel-lt2003/curdevel b/2003/netfilter-curdevel-lt2003/curdevel new file mode 100644 index 0000000..07f11d7 --- /dev/null +++ b/2003/netfilter-curdevel-lt2003/curdevel @@ -0,0 +1,19 @@ +- pkttables + - linked lists instead of blob + - explain current situation + - dynamic rulesets are slow with iptables + - independent of layer 3 protocol + - current code duplication between [ip|ip6|arp]tables + - some matches (mac, interface, ...) are independent anyway +- nfnetlink + - idea + - ctnetlink + - iptnetlink / pkttnetlink + - ulog/queue port to it + - libnfnetlink, libctnetlink, libpkttnetlink +- libiptables / libpkttnetlink + - high-level API for rule-manipulation + - covering all the plugins which are currently part of iptables + +- failover / load balancing for stateful firewalls + - slides from OLS |