Re: netfilter IPv6 support

[Willy Tarreau]

On Thu, Aug 26, 2004 at 11:25:10PM +0200, Thomas Zehetbauer wrote:
> On Don, 2004-08-26 at 13:00 -0700, David S. Miller wrote:
> > Stateful netfilter is not there because it's a total waste
> > to completely duplicate all of the connection tracking et al.
> > code into ipv6 counterparts when %80 of the code is roughly
> > the same.  People are working on a consolidation of these
> > things so that there is no code duplication but it is a lot
> > of work and there are bigger fires to put out at the moment.
> 
> Of course it's a waste to duplicate the code but as far as I remember
> the status of netfilter for IPv6 has not changed for almost a year. As
> said there is still not even the basic REJECT target available.

These features are available in patch-o-matic-ng. They're not in mainline
because the netfilter team only pushes well tested and non-intrusive changes.
But there are lots of people using features from patch-o-matic in production.
You can get those here :

    ftp://ftp.netfilter.org/pub/patch-o-matic-ng/

Please also take a look at the mailing list archives since it's an area
which is currently moving :
 
    http://marc.theaimsgroup.com/?l=netfilter-devel

Regards,
Willy

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/