2003-03-04 17:16:03

by David Laganière

Subject: A suggestion for the netfilter part of the sources

Hi!

For a couple of kernel versions now, I have been modifying two files
related to the netfilter part to be able to add more
ports for the IRC NAT module. I was wondering if you could definitively
apply those modifications to the kernel sources.
Here are my two modifications:

In /usr/src/linux-2.4.20/net/ipv4/netfilter:
I change "#define MAX_PORTS 8" to "#define MAX_PORTS 15" in both
"ip_conntrack_irc.c" and "ip_nat_irc.c".

I make those modifications to be able to add more ports than only 8 when
loading the modules as there are actually
a lot more IRC ports than 8 (ex: 6660-6669, 7000, that's already 11).

I'd greatly appreciate a reply even though my suggestion is not a good one.

Thanks.

David Laganière
Network/System Administrator
Securinet Systems


2003-03-04 18:09:44

by Harald Welte

Subject: Re: A suggestion for the netfilter part of the sources

On Tue, Mar 04, 2003 at 12:26:32PM -0500, David Laganière wrote:

> For a couple of kernel versions now, I have been modifying two files
> related to the netfilter part to be able to add more
> ports for the IRC NAT module. I was wondering if you could definitively
> apply those modifications to the kernel sources.

We (the netfilter developers) thought that for the usual case, 8 ports
should be a reasonable compiletime-limit. I know, especially for IRC,
this largely depends on the number of IRC networks and servers you want
to support...

> Here are my two modifications:
>
> In /usr/src/linux-2.4.20/net/ipv4/netfilter:
> I change "#define MAX_PORTS 8" to "#define MAX_PORTS 15" in both
> "ip_conntrack_irc.c" and "ip_nat_irc.c".

yes, this is the (documented) way to compile with support for more ports

> I'd greatly appreciate a reply even though my suggestion is not a good one.

The suggestion is neither 'good' nor 'bad'. Nobody has (until now)
asked us to raise this value, eight seems to be enough for most people.

As long as your proposal is not backed by more other users who think the
default should be raised, I'd rather leave it the way it currently is.

btw: further discussion should happen at
[email protected]

> David Laganière
> Network/System Administrator
> Securinet Systems

--
- Harald Welte <[email protected]> http://www.netfilter.org/
============================================================================
"Fragmentation is like classful addressing -- an interesting early
architectural error that shows how much experimentation was going
on while IP was being designed." -- Paul Vixie



2003-03-04 22:46:33

by Dominik Kubla

Subject: Re: A suggestion for the netfilter part of the sources

On Tuesday 04 March 2003 19:20, Harald Welte wrote:

>
> The suggestion is neither 'good' nor 'bad'. Nobody has (until now)
> asked us to raise this value, eight seems to be enough for most people.
>
> As long as your proposal is not backed by more other users who think the
> default should be raised, I'd rather leave it the way it currently is.
>

Since this is meant to be tunable, how about turning it into a configuration
option (with 8 being the default)? I guess that would solve this problem
quite nicely.

Regards,
Dominik
--
Why should George W. Bush care what the American people think?
After all they did not vote for him.

2003-03-04 23:17:18

by Harald Welte

Subject: Re: A suggestion for the netfilter part of the sources

On Tue, Mar 04, 2003 at 11:56:42PM +0100, Dominik Kubla wrote:

> Since this is meant to be tunable, how about turning it into a configuration
> option (with 8 being the default)? I guess that would solve this problem
> quite nicely.

well, if you think the 'netfilter configuration' submenu doesn't already
have enough config options ;)

SCNR.

Anyway, yes, this would be acceptable. Patches are welcome, otherwise
it will end up on my TODO list.

> Regards,
> Dominik

--
- Harald Welte <[email protected]> http://www.netfilter.org/
============================================================================
"Fragmentation is like classful addressing -- an interesting early
architectural error that shows how much experimentation was going
on while IP was being designed." -- Paul Vixie

