Hacker Harald Welte On Netfilter/iptables

Iptable writes: "Underlinux.com.br has an interview with Harald Welte, member of netfilter/iptables core team. Harald told about the future of iptables2 with new kernel family (2.5.x/2.6.x) and other things like libiptables that will be a common interface to deal with iptables firewall rules. To read the complete interview visit UnderLinux.Com.Br."

Re:Thank goodness for the universal translator

[Lord+Sauron]

And it gives a

BabelFish Error 3012
We're sorry we've encountered an error with your request.
If you think this is a bug we should know about? Send us e-mail and let us know the following:

* What browser you were using.
* The operating system you are on.
* The type of translation you were trying when this error occurred.

Questions? Check out our FAQs.

The error encountered is:

Not a valid referer

You do have to go from babelfish. Or change your referer. Hey, BTW, is there any browser that automatically changes the referer to the very own page you're accessing ? This would prevent these sort of problems, but would screw lots of logs :)

Notes

[LarryRiedel]

I think this reflects some of what is in the interview.

There is coming a userland library interface to netfilter which is more like rtnetlink(3), called nfnetlink (netfilter netlink), replacing the current setsockopt interface.

There is going to be an "iptables2" which has some new functionality related to a change in the data model for the tables - they will appear more like linked lists of linked lists than like a two-dimensional array, and a bunch chunk of the functionality which was in the iptables command line program is going to be moved into a library so other applications at the level of iptables can also utilitize that functionality.

Connection tracking / NAT will be enhanced to support more high level application protocol interactions than FTP, such as IRC, H.323, etc.