Diffstat (limited to '2002/netfilter-bof-ols2002')
-rw-r--r-- | 2002/netfilter-bof-ols2002/abstract | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/2002/netfilter-bof-ols2002/abstract b/2002/netfilter-bof-ols2002/abstract new file mode 100644 index 0000000..f70cb6a --- /dev/null +++ b/2002/netfilter-bof-ols2002/abstract @@ -0,0 +1,25 @@ +Future directions of linux firewalling + +Harald Welte, netfilter core team & Astaro AG + +The Linux 2.4.x series provided a fundamental redesign of the packet filtering +and NAT framework, called netfilter/iptables. This flexible and modular +framwork still had it's limitations. This BOF will discuss the recent and +upcoming changes during the 2.4.x kernel series, as well as planned and +partially implemented changes/extensions for the 2.5.x kernel series. + +Topics covered: + +2.4.x stuff: +- The newnat API; supporting connection tracking and NAT for complex protocols + like H.323 +- Accessing connection tracking table entries from userspace: ctnetlink +- Packet filtering and even NAT on a bridge + +2.5.x stuff: +- libiptables: Providing a flexible and extensible API towards all iptables + features +- pkttables: Creating a layer-3-protocol independent layer for rule tables; + unifying iptables, ip6tables and arptables. +- nfnetlink: Move all netfilter/iptables related kernel/userspace communication + towards netlink |
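Review bot: The first paragraph of the added abstract has two spelling errors in the sentence "This flexible and modular framwork still had it's limitations": "framwork" should be "framework" and "it's" should be the possessive "its". The title also writes "linux" in lower case while the body uses "Linux 2.4.x", so capitalise it in the title for consistency. In the 2.5.x list, the pkttables item ends with a period while the other items do not; pick one style.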