Hello! I discovered accidential feature in hurd that may be not realized by developers. It should be possible to build and run ipchains from linux 2.2 and they should work.
IP Firewalling in linux is done using setsockopt. socket is raw created using socket(AF_INET, SOCK_RAW, IPPROTO_RAW) and then you can do setsockopt(sockfd, IPPROTO_IP, IP_FW*, void *optval, socklen_t optlen) requests. In hurd, pfinet will pass last three values to it's linux part and linux part should work as it works in regular environemt. Do we need this? I had talk with Marcus on IRC today, and he said that we should think about design of firewalling in Hurd. He said that using this setsockopt hack might be not very good and we need to try some better way. Anyway, I think that port of ipchains should be done. Peace, Peter. -- Peter Novodvorsky Deadheads, unite! Moscow State University, CS dept. [EMAIL PROTECTED] Debian Project [EMAIL PROTECTED] ALT Linux Team, Russia [EMAIL PROTECTED] _______________________________________________ Bug-hurd mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/bug-hurd
