There are a number of places in the network code where we drop packets
which people might be interested in knowing about (eg. my nat code,
CONFIG_IP_ROUTE_VERBOSE).
Be very nice if these were more flexible, and centralized. Options
are:
1) Leave it alone.
2) Add nf_dropping(int pf, unsigned int hook,
const struct sk_buff *skb,
const struct net_device *indev,
const struct net_device *outdev,
const char *reason);
nf_register_drop() and nf_unregister_drop() for recipients of
dropped packets.
3) Add a bogus NF_IP_DROPPING hook IPv4 netfilter; make the
skb->nfmark field hold an enum indicating why the packet was
dropped.
The third is most trivial, and is what I'm leaning towards at this
stage. Anyone feel strongly that the current stuff is nicer? Will
prepare patch if noone objects...
Rusty.
--
Hacking time.
|