On Sat, Feb 23, 2002 at 11:43:46AM +0900, À¯¿ë»ó wrote: > I want to register or de-register a iptables rules from kernal dynaymically. > > but, It is so difficult to fill a iptables kernel's structure. > How can I ?
You can't, really. iptables has not been made to faciliate that. The only way you have, is to communicate the desired change to some userlevel process you write, and have that one call "iptables". There are helper functions in the kernel for such a setup, ask the kernel mailing list if you must go that route. The situation will dramatically improve some time during the next year, as people are bound to work on a complete rewrite of how iptables handles rule management.. best regards Patrick
