|
> The cost is to have 2nd patch but i assume this will be
> the direction. I'm just not sure if the new mode is mature enough.
> I hope the logic in new ip_vs_nfct.c will not change, only
> these struct ip_conntrack to struct nf_conn, ip_XXX to
> nf_XXX, etc. It is also possible to work in both worlds, for example:
>
> +// Dependent connection tracking
> +#if defined(CONFIG_IP_NF_CONNTRACK) ||
> +defined(CONFIG_IP_NF_CONNTRACK_MODULE)
> +#include <linux/netfilter.h>
> +#include <linux/netfilter_ipv4/ip_conntrack.h>
> +#include <linux/netfilter_ipv4/ip_conntrack_core.h>
> +#include <linux/netfilter_ipv4/ip_conntrack_helper.h>
> +#ifdef CONFIG_IP_NF_NAT_NEEDED
> +#include <linux/netfilter_ipv4/ip_nat.h> #endif #endif
> +
> +// Independent connection tracking (new) #if
> +defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
> +#include <linux/skbuff.h>
> +#include <net/netfilter/nf_conntrack_expect.h>
> +#include <net/netfilter/nf_conntrack_helper.h>
> +#ifdef CONFIG_NF_NAT_NEEDED
> +#include <net/netfilter/nf_nat.h>
> +#endif
> +#endif
>
> But ip_vs_nfct.c should have copy for the new
> CONFIG_NF_CONNTRACK* case. You can do a diff to see how the new mode
> differs:
>
> diff -u net/ipv4/netfilter/ip_nat_standalone.c \
> net/ipv4/netfilter/nf_nat_standalone.c
>
> Regards
>
> --
> Julian Anastasov <ja@xxxxxx>
Thanks for the info.
I'm more than willing to try out a new patch if you send me one.
Thanks,
Nicklas
|
