[collectd] IPTables Module

Florian Forster octo<span style="display: none;">.trailing-username</span>(a)<span style="display: none;">leading-domain.</span>verplant.org
Wed Mar 14 09:53:38 CET 2007

Hi Sjoerd,

I didn't search carefully enough: With Linux 2.6.18 the comment module
is named `xt_comment.ko'. With my previous version, 2.6.8, it should
have been `ipt_mark.ko'. So when searching for `ipt_mark.ko' in the
newer kernel-package I didn't find anything and thus assumed it wasn't

On Mon, Mar 12, 2007 at 07:54:06PM +0100, Sjoerd van der Berg wrote:
> Damn that sucks, thought the comment module might make it into more
> distros by now, but seems not. So what's left then,

I'm still in favor to provide a backup-solution. I'd let the user select
the rules by table/chain names (select all comment-rules), by giving the
comment-name (select only that rule) or by rule numbers (possibly
accompanied by a name):

  Chain <table> <chain> [<comment|num> [name]]
For instance:
  Chain filter INCOMING foobar
  Chain filter FORWARD  1 established
- The first rule collects all rules with a comment from the POSTROUTING
- The second rule collects the rule with the `foobar' comment.
- The third rule collects the first rule from the FORWARD chain and
  calls it `established'.

This way users that have the comment-match may use it and have a nice,
clean definition. All they really need to configure is the table and the
chain, everything else is done as in your patch. Users without that
match can still use the plugin, though not as comfortable.

Does that sound reasonable?

Florian octo Forster
Hacker in training
GnuPG: 0x91523C3D
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://mailman.verplant.org/pipermail/collectd/attachments/20070314/cf26e1db/attachment.pgp

More information about the collectd mailing list