Hi...
I am currently developing a userspace program using libipq to emulate a
satellite link which would require me to inject extra delay and error on
packets going through a bridge (with netfilter support). No problem on
intercepting the packets going through the bridge.
Also, no probl
On Tue, 2 Jul 2002, Harald Welte wrote:
> On Mon, Jul 01, 2002 at 09:50:18AM +0200, Balazs Scheidler wrote:
> > On Sat, Jun 29, 2002 at 12:36:36PM +0200, Henrik Nordstrom wrote:
> > > On Saturday 29 June 2002 11.46, Patrick McHardy wrote:
> > > So the question to the Netfilter core team is if it
For the record:
> match module:
> pro: no naming issue, current well known concepts can be kept
> pro: couple of modules can be unified
> con: ordering issue
I strongly prefer this solution, with the added requirement that order
issues should be defined clearly, and have a clea
Hello,
On Wednesday 03 July 2002 19:24, Jozsef Kadlecsik wrote:
>[...]
> new action class:
> pro: no ordering problem
> pro: clean separation of functionalities
> con: naming issue
> match module:
> pro: no naming issue, current well known concepts can be kept
> pro
On Wed, Jul 03, 2002 at 08:41:48PM +0800, Fabrice MARIE wrote:
> On Wednesday 03 July 2002 19:24, Jozsef Kadlecsik wrote:
Hi,
> I believe it's very natural to want to perform several things if a condition
> match, just like you would do in C a
> if (condition1) {
>action1();
>action2()
On Wed, 3 Jul 2002, Wei Koong CHAI wrote:
> My questions:
>
> [1] In the struct ipq_packet_msg, the data_len field is referring to what?
> Is it referring to the length of the whole IP packet (header + payload) or
> just the header or the payload alone?
The whole IP packet, which is the packe
Dear all,
I have successfully setup my bridge with netfilter capability to
connect two segment of LANs together and now using the below: -
[1] kernel 2.4.18 (patched with bridge-nf-0.0.6-against-2.4.18.diff)
[2] iptables-1.2.5
[3] bridge-utils-0.9.5
Then i started to develop a userspace
On Wednesday 03 July 2002 14.41, Fabrice MARIE wrote:
> I proposed the last one some time ago. A solution to the ordering
> issue is to have two kind of targets:
> 1- terminal target (ie ACCEPT, DROP, REJECT, jump to chain, etc...)
> 2- non terminal target (ie TTL, MARK, IPV4OPTSSTRIP, etc...)
>
On Wed, 3 Jul 2002, Wei Koong CHAI wrote:
> that it's not the bridge problem. Most probably, it is with my userspace
> program.
It shouldn't be possible for the userspace program to cause this. To
look into this further, I need to know the details of your system
topology, iptables & briding
