On Thu, Oct 21, 2004 at 09:12:48AM +0200, Henrik Nordstrom wrote:
> On Thu, 21 Oct 2004, Harald Welte wrote:
>
> >This is the first patch, adding something similar like nfmark, but on a
> >per-conntrack (as opposed to per-skb) level. Very useful especially for
> >asymmatric routing in combination with MASQUERADE, as often found on
> >home DSL setups with dymamic IP address that also have e.g. a tunnel
> >device with static IP.
>
> Is this with or without the mark operations?
What is 'this' you are referring to?
'patch'? Well you should know your patch ;)
'very useful'? Yes, indeed. I think it is already very useful, even
without MARK bit-wise operations (which AFAIK are not implemented with
the required compatibility issues we discussed at the netfilter
workshop, but which will be submitted once this is done).
--
- Harald Welte <laforge@xxxxxxxxxxxxx> http://www.netfilter.org/
============================================================================
"Fragmentation is like classful addressing -- an interesting early
architectural error that shows how much experimentation was going
on while IP was being designed." -- Paul Vixie
signature.asc
Description: Digital signature
|