On Sun, Jul 31, 2005 at 11:40:11AM -0700, David S. Miller wrote: > > Well... Looking at your code, I came away understanding that > you needed to make the IPC objects unique per saddr/ID. That's > what you hash them by.
I see. The ID is actually a constant in my original patch. The idea is that as a packet passes through the stack, we only perform this check for the first time that ip_defrag is applied. For example, if both PREROUTING and SNAT are used for a forwarded packet, then the check is only applied at PREROUTING. Given that, we don't really care about the value of "user" passed to ip_defrag since we'll only be seeing each packet from saddr exactly once as far as this check is concerned. > I would also suggest that some reasonable non-zero default max_win > be choosen. This stuff will not get tested otherwise. Actually that reminds me, we better add some accounting stuff so that we know that it is being used. Cheers, -- Visit Openswan at http://www.openswan.org/ Email: Herbert Xu ~{PmV>HI~} <[EMAIL PROTECTED]> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
