diff options
-rw-r--r-- | CURRENT_ISSUES | 30 | ||||
-rw-r--r-- | TODO | 66 |
2 files changed, 0 insertions, 96 deletions
diff --git a/CURRENT_ISSUES b/CURRENT_ISSUES deleted file mode 100644 index cdec36fa..00000000 --- a/CURRENT_ISSUES +++ /dev/null @@ -1,30 +0,0 @@ -save/restore problem of owner match - - userspace -u32 match - - can wait -XDMCP conntrack/nat - - can wait -nf_debug stuff - - can wait -ipt_ACCOUNT - - can wait -UDP stream timeout (180s) doens't apply for first reply packet - - fix by Martin Josefsson, needs review/testing -SLOG target - - no further work expected - - needs to be integrated with recent nfnetlink/ctnetlink -loop detection / nf_hipac (mail from dec 15 - - need time -IPv6 REJECT target fix - - important, it's a pity that it's still broken -bi-directional ftp state tracking - - do we want this? -final ACK of a SYN - SYN/ACK - ACK tcp handshake establishes ASSURED - - patch is on list, needs testing + comments from kadlec -expectations allegedly don't work on sparc64 - - see <771F217D7A4AF84494632457889470A412D77A@bcmsg011.corp.ads> - - is this in bugzilla yet? -new bytelimit match - - unify it with 'limit' for 2.5.x -boolean MARK operations - - patch by Anders Fugmann, needs 64bit testing @@ -1,66 +0,0 @@ -TODO List for netfilter / iptables. -Currently maintained by Harald Welte <laforge@gnumonks.org> - -Please inform me, if you want to work on any of the TODO items, so I -can update this list and thus prevent two people doing the same work. - -CVS ID: $Id: TODO,v 1.71 2003/11/06 23:20:00 laforge Exp $ - -IMPORTANT issues: -- erroneously too-fast dropped conntrack for half-open TCP connections [JK] -- --mac-source not working in FORWARD (manpage bug?) [BZ] -- locally bound udp port can still be used for MASQ/SNAT [BZ] -- unaligned access of nulldevname during string match [BZ] -- unaligned access in interface match (ip_tables core) -- update documentation to reflect newnat -- release iptables-1.3.0-test (with new libiptc for speedup) -- ipv6 ldp (igmp) and ndisc bypasses LOCAL_OUT hook - -TO BE INVESTIGATED: -- packet counters on sparc64 platform [BZ] -- conntrack helper not called for first packet (udp!) -- different behaviour for first packet towards an l2-unresolved ip? - -NICE to have: -- sysctl support for ftp-multi, irc-conntrack/nat, ftp-fxp [BZ] -- port conntrack to IPv6 (code reuse?) -- ip_nat_ident module [BZ] -- make iptables / ip6tables use the same codebase (as libiptc) [KA] -- libipq reentrancy [JM] -- compiling without O2 issue [BZ] -- libipq runtime version, do before 1.2.5 [JM] -- l3 independent ip_queue / ULOG (2.6) -- add support for IRC tracking in opposite direction -- Find mirrors for www.TLD.netfilter.org domains -- example section on homepage -- searchable mailinglist archives -- faq-o-matic system - -FUTURE extensions: -- dealing with fragmented expectation-causes (i.e. DCC chat split - over two packets, etc.) -- conntrack / nat failover [HW] -- unified nfnetlink for queue,ulog,conntrack (and more?) (2.5 issue) - -Userspace queuing for 2.5: -- Integration with nfnetlink. -- Multiple queues per protocol. -- Netlink broadcast support. -- Allow multiple reader/writers in userspace. -- How to handle multiple protocols (e.g. use separate queue handlers - or a multiplexer like ipqmpd). -- Peformance improvements: multipart messages, mmaped socket (possibly). -- Simplify queuing logic, which is quite ugly at the moment. (BC suggested - removing logic from kernel). -- Allow userspace to set nfmark. -- Allow userspace to set queue length etc. -- Possibly pass conntrack/NAT info to userspace with packet. - -====================================================================== -[BC] Brad Chapman <kakadu_croc@yahoo.com> -[HW] Harald Welte <laforge@gnumonks.org> -[JK] Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> -[JM] James Morris <jmorris@intercode.com.au> -[KA] Kiz-Szabo Andras <kisza@sch.bme.hu> -[RR] Paul 'Rusty' Russel <rusty@rustcorp.com.au> -[BZ] Included in Bugzilla System |