On Wed, Apr 10, 2002 at 04:14:05PM +0200, Hervé Eychenne wrote: > > I said that this is not covered (assuming that all matches/targets are > > modules). > > That's a problem (at least for me). > For me it justifies the need of a /proc mecanism by itself. > Since we basically seem to agree this would be a good thing, let's add > it on the TODO list and wait for someone to announce he'll code it (I hate > duplicate efforts).
well, putting it on TODO is easy - however I doubt anybody will go ahead implementing it voluntarily. If somebody would have needed the feature in the past, he'd have implemented it already. > > find /lib/modules/`uname -r`/kernel/net/ipv4/netfilter -name ipt_XXXX.o > > Kinda hacky. But since it should be the same path everywhere, this > could do the job... :-/ Yhis is not hacky at all. This is a standard solution and I've seen code like this quite a couple of time. > > I, for example, regularly just rebuild kernel modules after reconfiguration, > > and not the kernel image itself (like 'make modules > > SUBDIRS=net/ipv4/netfilter'). > > I fear you're right. That's the problem with modules: never knowing > exactly at runtime what features are potentially available. :-( Well. If you have the /proc interface for currently-loaded modules and statically compiled in matches/targets _AND_ the /lib/modules/`uname -r`/ stuff, you have all the functionality you need. > Userspace versioning wouldn't have any impact on the kernel in the > first step. but what is the use of userspace versioning if the kernel doesn't have version information? The userspace would still not know which version of the structure to use when inserting rules to the kernel. I think versioning should be deferred for 2.5.x and integrated into the whole new linked-list iptables (in the kernel) and userspace libiptables design. > RV -- Live long and prosper - Harald Welte / [EMAIL PROTECTED] http://www.gnumonks.org/ ============================================================================ GCS/E/IT d- s-: a-- C+++ UL++++$ P+++ L++++$ E--- W- N++ o? K- w--- O- M+ V-- PS++ PE-- Y++ PGP++ t+ 5-- !X !R tv-- b+++ !DI !D G+ e* h--- r++ y+(*)
