lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 13 Jul 2010 16:24:33 +0300 From: Luciano Coelho <luciano.coelho@...ia.com> To: ext Jan Engelhardt <jengelh@...ozas.de> Cc: ext Pablo Neira Ayuso <pablo@...filter.org>, Changli Gao <xiaosuo@...il.com>, Samuel Ortiz <sameo@...ux.intel.com>, Patrick McHardy <kaber@...sh.net>, "David S. Miller" <davem@...emloft.net>, "netdev@...r.kernel.org" <netdev@...r.kernel.org>, "netfilter-devel@...r.kernel.org" <netfilter-devel@...r.kernel.org> Subject: Re: [PATCH] netfilter: xtables: userspace notification target On Tue, 2010-07-13 at 13:49 +0200, ext Jan Engelhardt wrote: > On Tuesday 2010-07-13 12:23, Luciano Coelho wrote: > >> > >> Indeed, this looks to me like something that you can do with NFLOG and > >> some combination of matches. > > > >Is it possible to have the NFLOG send only one notification to the > >userspace? In the example above, once the quota exceeds, the userspace > >will be notified of every packet arriving, won't it? That would cause > >unnecessary processing in the userspace. > > > >The userspace could remove the rule when it gets the first notification > >and only add it again when it needs to get the information again (as a > >"toggle" functionality), but I think that would take too long and there > >would be several packets going through before the rule could be removed. > > With xt_condition that should not be a problem > (-A INPUT -m condition --name ruleXYZ -j NFLOG..) > This is settable through procfs. Right. I didn't know about the condition match, because I can't see it either on net-next-2.6 nor on nf-next-2.6. I found your patch in the netfilter-devel archives, though. Any idea when it will be applied? -- Cheers, Luca. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists