| To: | kuznet@xxxxxxxxxxxxx |
|---|---|
| Subject: | Re: nfmark routing in ip_route_output() |
| From: | Rusty Russell <rusty@xxxxxxxxxxxxxxxx> |
| Date: | Fri, 08 Sep 2000 11:52:47 +1100 |
| Cc: | netdev@xxxxxxxxxxx, netfilter@xxxxxxxxxxxxx |
| In-reply-to: | Your message of "Tue, 05 Sep 2000 20:57:16 +0400." <200009051657.UAA30330@xxxxxxxxxxxxx> |
| Sender: | owner-netdev@xxxxxxxxxxx |
In message <200009051657.UAA30330@xxxxxxxxxxxxx> you write: > Hello! Hi Alexey! > BTW, Paul, we can make one interesting thing now. > Namely, something sort of setsockopt(SO_NFMARK). There are so many approaches, and I'm not clever enough to know which is right: for user rate limiting we have the iptables `owner' match, but it's fooled by setuid like ping; Andi's idea would make it reliable. Your idea would be useful maybe for some other stuff. So I'll wait until someone has a need, and then they can read these archives, then write a patch how they prefer. 8) Cheers, Rusty. -- Hacking time. |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: IPv6 Router Alert in Linux 2.2.x, David S. Miller |
|---|---|
| Next by Date: | Re: 2.4.0-test7: Trouble with ipchains (2.2-style) support, Rusty Russell |
| Previous by Thread: | Re: nfmark routing in ip_route_output(), Andi Kleen |
| Next by Thread: | 2.4.0-test7: Trouble with ipchains (2.2-style) support, Brian Bisaillon |
| Indexes: | [Date] [Thread] [Top] [All Lists] |