>>> Is there anything against not matching on the src port like the
>>> ip_contrack(_ftp) stuff?
>> you mean figure out the data-port on the fly?
> Exactly. The same thing is done for passive FTP where the port the client
> connects from is also unknown, and only filled in when it actually
> I've looked at the code but it's a bit too much for me to grasp in short
> time... But from what I do (think I) understand it seems that implementing
> this for the active case is more than trivial.
> Is there any documentation targeted at developers/hackers other than the
> code itself? Figuring out how it all fits together from just reading the
> src is verry time consuming (for me at least) and time is something I have
> little to spare...
Not having read the whole thread in all its entirety per se, could you
be specific on what exactly you need proper documentation? Is it
netfilter or IPVS related, and if so, which part of LVS?
Furthermore, I'm compiling some development text while distinct
questions pop up, however I'm not going to document everything ;).
Regarding IPVS I've put online a doxygen'd documentation, which can help
significantly when trying to understand the code:
Roberto Nibali, ratz
'[q]sa[ln0=aln256%Pln256/snlbx]sb3135071790101768542287578439snlbxq' | dc