| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <200701082130.02948@nessa> Date: Mon, 8 Jan 2007 21:30:02 +0100 From: KOVACS Krisztian <hidden@...abit.hu> To: netfilter-devel@...ts.netfilter.org Cc: Evgeniy Polyakov <johnpol@....mipt.ru>, netdev@...r.kernel.org Subject: Re: [PATCH/RFC 00/10] Transparent proxying patches version 4 Hi Evgeniy, On Wednesday 03 January 2007 18:23, Evgeniy Polyakov wrote: > Out of curiosity, would you use netchannels [1] if the implementation > will be much broader? Since what you have created works exactly like > netchannels netfilter NAT target (although it does not change ports, > but it can be trivially extended), but without all existing netfilter > overhead and without hacks in core TCP/UDP/IP/route code. Indeed, a netchannels based implementation would be very nice. Combined with a userspace network stack I think this could be a very powerful tool, especially for people doing dirty tricks -- like transparent proxying in our case. However, I think that adopting netchannels now would be an enormous work on our part. Of course, personally I'm really interested in netchannels and the related projects, but I agree with Harald that we still have a long way to go before being able to switch to netchannels. And I definitely _hate_ the previous incarnations of our tproxy patches enough that even this patchset seems acceptable for me. ;) -- Regards, Krisztian Kovacs - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists