> In addition to what others have already pointed out, even if you know > what modules are available in user and kernel space, you also need to > know what each version of these is present, and whatever is talking to > all of this has to have detailed knowledge of the relative capabilities > of each version. Patches in patch-o-matic can interact in completely > arbitrary ways. Not all of them create new modules--a number of them > make significant changes to existing ones, and some modify both kernel > and user-space.
I think the most important fact, in the context of the current discussion, is that the module name need not correspond to the name of matches and targets, if there is another way of autoloading implemented. For example, the SNAT and DNAT targets are part of a single NAT module, which is autoloaded, as far as I remember, when the NAT table itself is loaded. Thus, one cannot deduce all target names from the module names themselves. What's more, not all targets are valid on all hooks, so the real "what can I use" question is "what can I use where". I agree with the posters who said that trying to use a match/target is the only generally informative way to find out what's usable. But, as any software in these parts must have good error handling anyway, that should not be too bad. best regards Patrick
