From: Kirill Korotaev <[email protected]>
Date: Wed, 18 Jan 2006 12:12:54 +0300
> This patch extends current iptables compatibility layer in order to get
> 32bit iptables to work on 64bit kernel. Current layer is insufficient
> due to alignment checks both in kernel and user space tools. Current
> draft version works correctly with standard targets only
> (ACCEPT/DROP/FORWARD).
>
> ToDo:
> - extend translation to include more matches and targets. Use arrays of
> structures like { name, size_diff, func_for_convert_data} for this
> purpose
> - extend get_info to return corrected size. Add size calculation to
> get_entries.
Thanks for doing this work.
But it would make a lot more sense to add
compat_setsockopt and compat_getsockopt socket
operations, call down into there, and then implement
these translations inside of netfilter itself.
This would avoid an enormous amount of copying
and munging, and also would keep netfilter internals
outside of the generic socket compat layer code.
Thanks.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
