On Wednesday 17 April 2002 15:20, you wrote: > > > As usually with all modifications of matches/targets, there is > > > the compatibility issue: > > > > > > - old iptables userspace needs to work with new kernel mport > > > - new kernel mport needs to work with old kernel mport > > > > This shouldn't be a problem at all (beside implementing ;-) > > please feel free to provide us with an implementation that is > fullfilling the above requirements. The current mport.patch in > patch-o-matic doesn't.
I try to look if I can solve the problems. As far as I've digged through the code, mport is an extension to the multiport module implemented as new module (problably because of your scoring system ;-) A few questions: - The main problem seems to be that the multiport and mport kernel module can not be used together, right? - The kernel module must provide a match function with a matchinfo pointer as parameter (among others). The parameter points to an allocated area of 32 bytes. The userspace library can fill in whatever data I need and the content of this area will be sent to kernel space. Is this correct? The implementation concept of mport isn't very clean. So I will try to do one of two things, dependent on your answers: - Extend the original mulitport module - Completely rewrite the mport module Now the questions: Can the memory area passed to the kernel be greater than 32 bytes and if not, can I limit the number of port ranges in the new multiport version to 7 instead of 15? Norbert
