summaryrefslogtreecommitdiff
path: root/2002/netfilter-bof-ols2002/abstract
diff options
context:
space:
mode:
Diffstat (limited to '2002/netfilter-bof-ols2002/abstract')
-rw-r--r--2002/netfilter-bof-ols2002/abstract25
1 files changed, 25 insertions, 0 deletions
diff --git a/2002/netfilter-bof-ols2002/abstract b/2002/netfilter-bof-ols2002/abstract
new file mode 100644
index 0000000..f70cb6a
--- /dev/null
+++ b/2002/netfilter-bof-ols2002/abstract
@@ -0,0 +1,25 @@
+Future directions of linux firewalling
+
+Harald Welte, netfilter core team & Astaro AG
+
+The Linux 2.4.x series provided a fundamental redesign of the packet filtering
+and NAT framework, called netfilter/iptables. This flexible and modular
+framwork still had it's limitations. This BOF will discuss the recent and
+upcoming changes during the 2.4.x kernel series, as well as planned and
+partially implemented changes/extensions for the 2.5.x kernel series.
+
+Topics covered:
+
+2.4.x stuff:
+- The newnat API; supporting connection tracking and NAT for complex protocols
+ like H.323
+- Accessing connection tracking table entries from userspace: ctnetlink
+- Packet filtering and even NAT on a bridge
+
+2.5.x stuff:
+- libiptables: Providing a flexible and extensible API towards all iptables
+ features
+- pkttables: Creating a layer-3-protocol independent layer for rule tables;
+ unifying iptables, ip6tables and arptables.
+- nfnetlink: Move all netfilter/iptables related kernel/userspace communication
+ towards netlink
personal git repositories of Harald Welte. Your mileage may vary