[tproxy] Re: Request: including tproxy patch to official
iptables/kernel.
KOVACS Krisztian
hidden at balabit.hu
Tue Oct 17 16:38:24 CEST 2006
Hi,
On Monday 16 October 2006 07:48, Patrick McHardy wrote:
> > So, I would like to suggest to include tproxy patch to official
> > iptables/kernel release.
>
> These look quite old (2.4). The TPROXY developers were working on
> a new approach last year at the netfilter workshop, but I don't
> know if there was any further progress. Please talk to them directly
> and ask them if they want to merge it upstream, and if so to submit
> patches.
Yes, there was significant progress since then, we're testing the
patches at the moment. There still are a couple of problems with the new
approach, but it certainly looks promising. I'll post the patches on
netfilter-devel for review and comments as soon as things have settled
down a bit.
Instead of trying to get the 2.0 branch of tproxy merged into mainline
we're concentrating our efforts on getting the new code working. As the
maintainer of the current tproxy patchset, I do not consider it clean and
safe enough to have it merged upstream.
Moreover, I think there's no general consensus between networking
maintainers whether or not the features tproxy provides are worth the
hassles. Transparent proxying features have been removed during the 2.3
development as there seemed little interest in those. Of course there are
a handful of companies interested in having the feature in mainline, but
let's face the facts: the majority of users do not care about tproxy.
That's why I don't even try to get it merged.
--
Regards,
Krisztian Kovacs
More information about the tproxy
mailing list