On Thu, Apr 19, 2001 at 02:15:56PM +1000, Manfred Bartz wrote:
> Through the stimulating discussion we had under ``IP Acounting
> Idea for 2.5'', it appears that a separate Traffic Flow Measure-
> ment and Accounting sub-system would be useful. See:
> <http://logi.cc/linux/CounterReset/>
Hey cool. Now we've come to a point where we agree. If you want to do
serious accounting, iptables is not the subsystem of your choice.
As you've pointed out on your very enthusiastic homepage:
* Mixing fundamentally different functionalities like security and
* accounting in a firewall is not a good idea anyway. It leads to overly
* complex firewall code (potentially thousands of rules just for
* accounting) and unreliable accounting (f.e. when the firewall rules get
* reloaded).
> I would also like to know if there are any objections to providing
> a RTFM interface in the kernel (as an optional module).
No, not at all. I'd like to help developing an RTFM meter for linux.
I guess we don't actually need to keep seperate flow information, but
could attach it to the netfilter connection tracking.
> Manfred Bartz
-- Live long and prosper - Harald Welte / laforge@gnumonks.org http://www.gnumonks.org ============================================================================ GCS/E/IT d- s-: a-- C+++ UL++++$ P+++ L++++$ E--- W- N++ o? K- w--- O- M- V-- PS+ PE-- Y+ PGP++ t++ 5-- !X !R tv-- b+++ DI? !D G+ e* h+ r% y+(*) - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Mon Apr 23 2001 - 21:00:37 EST