ipt_ACCOUNT Archives

Subject: Re: Netfilter control remove

From: "Gerd v. Egidy" <gerd.von.egidy@xxxxxxxxxxxxx>
To: ipt_ACCOUNT@xxxxxxxxxxxxxxxxxxxxxxx
Cc: "Dishko Georgiev" <dishkols@xxxxxxxxxx>
Date: Thu, 6 Aug 2009 16:27:33 +0200
Hi Dishko,

> > another reason I remember why we chose the iptaccount-program over procfs
> > was
> > accuracy when reading: the program can do an atomic read and reset
> > operation.
> > So there are no packets lost or counted twice when reading.

> U can provide 2 nodes in procfs: counters and counters_flush, so the reader
> of the counters can decide does he need reset or not.

Yeah, we could do it like that. But I'm not sure if anyone expects that 
_reading_ from a file in procfs actually changes something. I don't think it 
would be a good interface because it does something unexpected. Or think of 
someone running a grep through /proc for some reason...

> also i have reworked iptaccount program to produce
> better format for me (plus i have removed all unrelated print ops like
> version, num of entrys, table name ...).

how does your output look like now? I'm open to improving the output.

> Btw, indeed, iptables 1.4.4 have very big difference in support tool
> function names, so you have to change some calls, i can provide a diff if
> you need.

a diff would be very much welcome.

Kind regards,


ipt_ACCOUNT - see http://www.intra2net.com/en/developer/ipt_ACCOUNT for details.
To unsubscribe send a mail to ipt_ACCOUNT+unsubscribe@xxxxxxxxxxxxxxxxxxxxxxx   

Current Thread