summaryrefslogtreecommitdiffstats
path: root/TODO
diff options
context:
space:
mode:
author/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org </C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org>2007-05-23 20:01:18 +0000
committer/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org </C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org>2007-05-23 20:01:18 +0000
commiteaae45fa65fdb559b5442dfe2da05a808c5c57ba (patch)
treee09aaf41c040d578e3a2872440da49f4799ec353 /TODO
parent1af6ff8f04bf4db0a9d9207797bca8eaf660cbe2 (diff)
- update TODO listsvn_t_conntrack-tools-0.9.3
- update INSTALL - use conntrack instead of conntrackd to flush the conntrack table
Diffstat (limited to 'TODO')
-rw-r--r--TODO35
1 files changed, 23 insertions, 12 deletions
diff --git a/TODO b/TODO
index 130b1f8..482b677 100644
--- a/TODO
+++ b/TODO
@@ -1,18 +1,29 @@
There are several tasks that are pending to be done, I have classified them
by dificulty levels:
-Relatively easy
-===============
+= Relatively easy =
+ * add syslog support (based on Simon Lodal's patch)
+ * improve shell scripts for keepalived/heartbeat: *really* important
+ * use NACK based protocol, feedback: call pablo :-)
+ * manpage for conntrackd(8)
+ * use the floating priority feature in keepalived to avoid premature
+ take over.
-- test ipv6 support
-- improve shell scripts
-- test NACK based protocol
-- manpage for conntrackd
+= Requires some work =
+ * study better keepalived transitions
+ * test/fix ipv6 support
+ * have a look at open issues
+ * implement support for TCP window tracking (patches are on the table) at
+ the moment you have to disable it:
-Requires some work
-==================
+ echo 1 > /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_be_liberal
-- study better keepalived transitions
-- implement support for TCP window tracking (patches are on the table)
- - at the moment you have to disable it:
- echo 1 > /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_be_liberal
+= Requires kernel patches =
+ * setup master conntrack to match IPCT_RELATED
+
+= Open issues =
+ * unsupported iptables matches:
+ * connbytes: probably the persistent may support it
+ * recent: requires further study
+ * quota: private data counters
+ * connection tracking NAT helpers: sequence adjustment issues (?)