diff options
author | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org </C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org> | 2007-12-21 13:20:04 +0000 |
---|---|---|
committer | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org </C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org> | 2007-12-21 13:20:04 +0000 |
commit | a2eb348ebb6bb3172aa46dd132befe2a24c2d302 (patch) | |
tree | 390c79ffc80e9f2cbf45b42ffeda51245748403c /TODO | |
parent | 3c5e35974c65f4470e6543c2cc772c0f1824dc44 (diff) | |
download | conntrack-tools-a2eb348ebb6bb3172aa46dd132befe2a24c2d302.tar.gz conntrack-tools-a2eb348ebb6bb3172aa46dd132befe2a24c2d302.zip |
= conntrack =
o fix missing `-g' and `-n' options in getopt_long control string
o add support for secmark (requires Linux kernel >= 2.6.25)
o add mark and secmark information to the manpage
o cleanup error message
= conntrackd =
o add support for secmark (requires Linux kernel >= 2.6.25)
o add conntrackd (8) manpage
Diffstat (limited to 'TODO')
-rw-r--r-- | TODO | 42 |
1 files changed, 23 insertions, 19 deletions
@@ -2,28 +2,32 @@ There are several tasks that are pending to be done, I have classified them by dificulty levels: = Relatively easy = - * add syslog support (based on Simon Lodal's patch) - * improve shell scripts for keepalived/heartbeat: *really* important - * use NACK based protocol, feedback: call pablo :-) - * manpage for conntrackd(8) - * use the floating priority feature in keepalived to avoid premature - take over. + [ ] improve shell scripts for keepalived/heartbeat: *really* important + [ ] NACK as default protocol + [ ] rename persistent to alarm + [X] manpage for conntrackd(8) + [ ] add scripts to use the floating priority feature in keepalived to avoid + premature take over. + [ ] ignorepool with unlimited size and ignore networks + [ ] selective conntracks removal + [ ] debian/rpm packages + [ ] improve website + [ ] Dumazet improvement hashtable (multiply vs. divide) + [X] add secmark support = Requires some work = - * study better keepalived transitions - * test/fix ipv6 support - * have a look at open issues - * implement support for TCP window tracking (patches are on the table) at - the moment you have to disable it: + [ ] study better keepalived transitions + [ ] test/fix ipv6 support + [ ] add support setup related conntracks + [ ] NAT sequence adjustment support - echo 1 > /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_be_liberal - -= Requires kernel patches = - * setup master conntrack to match IPCT_RELATED - -= Open issues = - * unsupported iptables matches: += Open issues that won't be ever resolved = + * unsupported stateful iptables matches: * connbytes: probably the persistent may support it * recent: requires further study * quota: private data counters - * connection tracking NAT helpers: sequence adjustment issues (?) + += conntrack = + * add support for -D --dport 1000 + * improve error messages + * add support for SCTP (requires kernel >= 2.6.25) |