diff options
author | Patrick McHardy <kaber@trash.net> | 2009-03-18 04:55:00 +0100 |
---|---|---|
committer | Patrick McHardy <kaber@trash.net> | 2009-03-18 04:55:00 +0100 |
commit | fac10ea799fe9b6158d74f66d6ad46536d38a545 (patch) | |
tree | 8c093bcbb2144aab54c70103e6ed438456ae0d48 /TODO |
Initial commitv0.01-alpha1
Diffstat (limited to 'TODO')
-rw-r--r-- | TODO | 27 |
1 files changed, 27 insertions, 0 deletions
@@ -0,0 +1,27 @@ +nftables frontend +----------------- +- Define lexical distinction between keywords, symbolic constants and + identifiers +- Define syntax for changing data (connmark, meta etc.) +- shorter syntax for specifying rules: entire chains without repeating "rule add ..." +- payload syntax for matching on IP headers of IPIP/GRE tunnels etc. + +- netlink monitor for CLI + +Kernel +------ +- netlink set API +- kernel set implementation selection +- TC hookup - use dummy classifier or hook "natively" ? +- kill mangle table, make rerouting a configurable table/chain property +- kill nat table? harder because of more special handling +- multi-family tables + +- IPv6 ext header matching +- IP style options (IP/TCP/DCCP) matching +- IPsec policy matching +- hashlimit +- quota +- recent(?) +- TCPMSS target - generic packet editor? +- include NLM_F_ ... flags in notifications? |