| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAM_iQpU+EojoF-qOZ3gVB28+Hp-HE=tHTcC7uUh3b3XwMwWJ=w@mail.gmail.com>
Date: Mon, 24 Jun 2019 10:59:19 -0700
From: Cong Wang <xiyou.wangcong@...il.com>
To: Paul Blakey <paulb@...lanox.com>
Cc: Jiri Pirko <jiri@...lanox.com>, Roi Dayan <roid@...lanox.com>,
Yossi Kuperman <yossiku@...lanox.com>,
Oz Shlomo <ozsh@...lanox.com>,
Marcelo Ricardo Leitner <marcelo.leitner@...il.com>,
Linux Kernel Network Developers <netdev@...r.kernel.org>,
David Miller <davem@...emloft.net>,
Aaron Conole <aconole@...hat.com>,
Zhike Wang <wangzhike@...com>,
Rony Efraim <ronye@...lanox.com>, nst-kernel@...hat.com,
John Hurley <john.hurley@...ronome.com>,
Simon Horman <simon.horman@...ronome.com>,
Justin Pettit <jpettit@....org>
Subject: Re: [PATCH net-next v2 0/4] net/sched: Introduce tc connection tracking
On Thu, Jun 20, 2019 at 6:43 AM Paul Blakey <paulb@...lanox.com> wrote:
>
> Hi,
>
> This patch series add connection tracking capabilities in tc sw datapath.
> It does so via a new tc action, called act_ct, and new tc flower classifier matching
> on conntrack state, mark and label.
Thanks for more detailed description here.
I still don't see why we have to do this in L2, mind to be more specific?
IOW, if you really want to manipulate conntrack info and use it for
matching, why not do it in netfilter layer as it is where conntrack is?
BTW, if the cls_flower ct_state matching is not in upstream yet, please
try to push it first, as it is a justification of this patchset.
Thanks.
Powered by blists - more mailing lists