- update TODO listsvn_t_conntrack-tools-0.9.3

- update INSTALL
- use conntrack instead of conntrackd to flush the conntrack table

3 files changed, 32 insertions, 20 deletions

diff --git a/INSTALL b/INSTALL
index 1a80dd0..e4b1d58 100644
--- a/INSTALL
+++ b/INSTALL
@@ -41,9 +41,9 @@ Copyright (C) 2005-2007 Pablo Neira Ayuso <pablo netfilter org>
 	$ make
 	# make install
 
- Up to this point, the command line interface `conntrack' is ready for use.
- However, the userspace daemon so-called `conntrackd' requires some magic 
- speells to get it working.
+ Up to this point, the command line interface `conntrack' is ready for use,
+ see man conntrack(8). However, the userspace daemon so-called `conntrackd' 
+ requires some magic spells to get it working.
 
 3.Setting up conntrackd
 =======================
@@ -68,8 +68,8 @@ Copyright (C) 2005-2007 Pablo Neira Ayuso <pablo netfilter org>
 
     There is an example file available inside the conntrackd tarball:
 
-    For node 1: conntrackd-x.x.x/examples/sync/node1/keepalived.conf
-    For node 2: conntrackd-x.x.x/examples/sync/node2/keepalived.conf
+    For node 1: conntrackd-x.x.x/examples/sync/_type_/node1/keepalived.conf
+    For node 2: conntrackd-x.x.x/examples/sync/_type_/node2/keepalived.conf
 
     These files can be used to set up a simple VRRP cluster composed of
     two machines that hold the virtual IPs 192.168.0.100 on eth0 and
@@ -94,8 +94,9 @@ Copyright (C) 2005-2007 Pablo Neira Ayuso <pablo netfilter org>
 
     Where _type_ is the synchronization type selected, currently there are
     two: the persistent mode and the NACK mode. The persistent mode consumes
-    more resources than the NACK mode, however the NACK mode is still
-    experimental
+    more resources than the NACK mode but resolves synchronization issues 
+    better. On the other the NACK mode reduces resource consumption. I'll
+    provide more information on both approaches soon.
 
     Do not forget to edit the files in order to adapt them to the
     setting that you are deploying.
diff --git a/TODO b/TODO
index 130b1f8..482b677 100644
--- a/TODO
+++ b/TODO
@@ -1,18 +1,29 @@
 There are several tasks that are pending to be done, I have classified them
 by dificulty levels:
 
-Relatively easy
-===============
+= Relatively easy =
+ * add syslog support (based on Simon Lodal's patch)
+ * improve shell scripts for keepalived/heartbeat: *really* important
+ * use NACK based protocol, feedback: call pablo :-)
+ * manpage for conntrackd(8)
+ * use the floating priority feature in keepalived to avoid premature
+   take over.
 
-- test ipv6 support
-- improve shell scripts
-- test NACK based protocol
-- manpage for conntrackd
+= Requires some work =
+ * study better keepalived transitions
+ * test/fix ipv6 support
+ * have a look at open issues
+ * implement support for TCP window tracking (patches are on the table) at 
+   the moment you have to disable it:
 
-Requires some work
-==================
+  	echo 1 > /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_be_liberal
 
-- study better keepalived transitions
-- implement support for TCP window tracking (patches are on the table)
-	- at the moment you have to disable it:
-	echo 1 > /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_be_liberal
+= Requires kernel patches =
+ * setup master conntrack to match IPCT_RELATED
+
+= Open issues =
+ * unsupported iptables matches:
+   * connbytes: probably the persistent may support it
+   * recent: requires further study
+   * quota: private data counters
+ * connection tracking NAT helpers: sequence adjustment issues (?)
diff --git a/examples/sync/nack/script_fault.sh b/examples/sync/nack/script_fault.sh
index 68f1534..aec4af9 100755
--- a/examples/sync/nack/script_fault.sh
+++ b/examples/sync/nack/script_fault.sh
@@ -1,4 +1,4 @@
 #!/bin/sh
 
 /usr/sbin/conntrackd -f
-/usr/sbin/conntrackd -F
+/usr/sbin/conntrack -F