From eaae45fa65fdb559b5442dfe2da05a808c5c57ba Mon Sep 17 00:00:00 2001 From: "/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org" Date: Wed, 23 May 2007 20:01:18 +0000 Subject: - update TODO list - update INSTALL - use conntrack instead of conntrackd to flush the conntrack table --- TODO | 35 +++++++++++++++++++++++------------ 1 file changed, 23 insertions(+), 12 deletions(-) (limited to 'TODO') diff --git a/TODO b/TODO index 130b1f8..482b677 100644 --- a/TODO +++ b/TODO @@ -1,18 +1,29 @@ There are several tasks that are pending to be done, I have classified them by dificulty levels: -Relatively easy -=============== += Relatively easy = + * add syslog support (based on Simon Lodal's patch) + * improve shell scripts for keepalived/heartbeat: *really* important + * use NACK based protocol, feedback: call pablo :-) + * manpage for conntrackd(8) + * use the floating priority feature in keepalived to avoid premature + take over. -- test ipv6 support -- improve shell scripts -- test NACK based protocol -- manpage for conntrackd += Requires some work = + * study better keepalived transitions + * test/fix ipv6 support + * have a look at open issues + * implement support for TCP window tracking (patches are on the table) at + the moment you have to disable it: -Requires some work -================== + echo 1 > /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_be_liberal -- study better keepalived transitions -- implement support for TCP window tracking (patches are on the table) - - at the moment you have to disable it: - echo 1 > /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_be_liberal += Requires kernel patches = + * setup master conntrack to match IPCT_RELATED + += Open issues = + * unsupported iptables matches: + * connbytes: probably the persistent may support it + * recent: requires further study + * quota: private data counters + * connection tracking NAT helpers: sequence adjustment issues (?) -- cgit v1.2.3