lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 28 Oct 2008 13:07:38 +0100
From:	Patrick McHardy <kaber@...sh.net>
To:	Evgeniy Polyakov <zbr@...emap.net>
CC:	hamid jafarian <hamid.jafarian@...il.com>,
	Netfilter-devel <netfilter-devel@...r.kernel.org>,
	Netdev <netdev@...r.kernel.org>,
	Pablo Neira Ayuso <pablo@...filter.org>,
	Jan Engelhardt <jengelh@...ozas.de>,
	Rusty Russell <rusty@...tcorp.com.au>,
	Harald Welte <laforge@...monks.org>,
	Eric Leblond <eric@....fr>,
	Jozsef Kadlecsik <kadlec@...ckhole.kfki.hu>,
	Amin Azez <azez@...mechanic.net>
Subject: Re: [PATCH 00/09]IPtablestng/Kernel - New Framework For IPtables

Evgeniy Polyakov wrote:
> Hi.
> 
> On Tue, Oct 28, 2008 at 01:32:06PM +0330, hamid jafarian (hamid.jafarian@...il.com) wrote:
>> excuse for this loosely patches...
>> please more explain...
>> do you mean my patches are too long? or ambiguous?
>> i 've tried to code base on "Documentation/CodingStyle".. and patch
>> base on "how to participate in the kernel community" documents.
>>
>> the core of this framework is located at pkt_tables.c&.h (#2&#3 of
>> kernel patches).
>> iptables.c&.h are completely changed. also at the user space libiptc.c
>> is rewritten from scratch thus their patches are really ambiguous to
>> be understood..what is the best way to send this patches?
>> what this phrase mean: "' remotely match existing code ""?
> 
> I mean just coding style: spaces, braces, parentheses, function names
> like __something_small_AND_CAPITAL. checkpatch.pl may help, although imo
> it should not be followed strickly. It will much simpler to review changes.

I think these patches are a lost cause. Besides the fact that they
move things to the kernel instead of to userspace, they

- break the existing interface
- do not use netlink
- are a drop-in replacement instead of incremental changes or a
   completely new implementation
- fix only a very small part of the problems of the current
   iptables design

I've asked Hamid to post these patches to see if there were any
useful incremental changes that would make sense to apply to
iptables, but it seems to come down to moving userspace to kernel
to support incremental changes.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ