From fca59bea770346cf1c1f9b0e00cb48a61b44a8f3 Mon Sep 17 00:00:00 2001 From: Harald Welte Date: Sun, 25 Oct 2015 21:00:20 +0100 Subject: import of old now defunct presentation slides svn repo --- 2006/userspace_helpers/abstract.txt | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 2006/userspace_helpers/abstract.txt (limited to '2006/userspace_helpers') diff --git a/2006/userspace_helpers/abstract.txt b/2006/userspace_helpers/abstract.txt new file mode 100644 index 0000000..0cd13ec --- /dev/null +++ b/2006/userspace_helpers/abstract.txt @@ -0,0 +1,18 @@ +Complex protocols such as FTP, H.323, SIP, RTSP, require special treatment by +stateful packet filters and network address translators. Software implementing +such special treatment is often referred to as "application level gateway" (ALG). +In the Linux netfilter world, they are called "conntrack helpers" and "NAT helpers". + +So far, the Linux netfilter/iptables subystem, much like it's predecessor +ipchains, only supported such helpers inside kernel space. + +However, recent advances in the netfilter world such as nfnetlink_queue, +libnetfilter_queue, nfnetlink_conntrcack and libnetfilter_conntrack provide +almost all the infrastructure required for running conntrack/NAT helpers in +userspace. + +At this time, the author is working on the missing tiny additional piece called +nfnetlink_cthelper and libnetfilter_cthelper. At the time the paper will be +finished and presented, it is expected that this code is mainline and the first +userspace conntrack/nat helpers will be available. + -- cgit v1.2.3
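Review bot: the third paragraph of the new abstract.txt misspells a subsystem name as "nfnetlink_conntrcack". Since it is listed next to libnetfilter_conntrack, the intended name looks like nfnetlink_conntrack, and a reader searching for the name as printed will not find it. The second paragraph also has "subystem" for "subsystem" and "it's predecessor" where the possessive "its" is meant, and the file ends with an empty line 18 after the last paragraph. If the import is meant to preserve the old svn contents byte for byte, say so in the commit message and leave the text alone. Otherwise, fix these in a follow-up commit so the import itself stays a faithful copy.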