miniupnp.tuxfamily.org Forum Index miniupnp.tuxfamily.org
The forum about miniupnp and libnatpmp
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

Support for nftables

 
Post new topic   Reply to topic    miniupnp.tuxfamily.org Forum Index -> miniupnpd Feature Request
View previous topic :: View next topic  
Author Message
GurliGebis



Joined: 16 Apr 2009
Posts: 35

PostPosted: Sun Aug 31, 2014 7:33 pm    Post subject: Support for nftables Reply with quote

Hey,

Since nftables seems to moving along nicely, would it be an idea to start looking at integrating with it, along with iptables?

From what I can read, the API shouldn't be that difficult to use.
Back to top
View user's profile Send private message
miniupnp
Site Admin


Joined: 14 Apr 2007
Posts: 1474

PostPosted: Tue Sep 09, 2014 3:30 pm    Post subject: Reply with quote

yes I'm thinking about it but have no time to do it... anybody motivated ?
_________________
Main miniUPnP author.
http://miniupnp.tuxfamily.org/
Back to top
View user's profile Send private message Visit poster's website
s1061123



Joined: 09 Mar 2015
Posts: 5
Location: Tokyo/Japan

PostPosted: Wed Mar 11, 2015 2:30 pm    Post subject: Reply with quote

miniupnp wrote:
yes I'm thinking about it but have no time to do it... anybody motivated ?


Hi Folks,

I've just started to support nftables in my github repository.

Currently it is 'very alpha' version, so please keep in touch and let you know when it is ready to merge.

thanks,
Tomofumi[/url]
Back to top
View user's profile Send private message
s1061123



Joined: 09 Mar 2015
Posts: 5
Location: Tokyo/Japan

PostPosted: Wed Mar 11, 2015 2:31 pm    Post subject: Reply with quote

s1061123 wrote:
miniupnp wrote:
yes I'm thinking about it but have no time to do it... anybody motivated ?


Hi Folks,

I've just started to support nftables in my github repository.

Currently it is 'very alpha' version, so please keep in touch and let you know when it is ready to merge.

thanks,
Tomofumi[/url]


Here's pointer.
https://github.com/s1061123/miniupnp
Back to top
View user's profile Send private message
miniupnp
Site Admin


Joined: 14 Apr 2007
Posts: 1474

PostPosted: Wed Mar 11, 2015 3:30 pm    Post subject: Reply with quote

it looks promising !
_________________
Main miniUPnP author.
http://miniupnp.tuxfamily.org/
Back to top
View user's profile Send private message Visit poster's website
s1061123



Joined: 09 Mar 2015
Posts: 5
Location: Tokyo/Japan

PostPosted: Tue Mar 24, 2015 7:32 am    Post subject: Reply with quote

Hi Folks,

Let me update current status on it.
Currently SNAT and DNAT are worked.

Currently my code is under github.
https://github.com/s1061123/miniupnp

To compile miniupnpd for nftables, just make with Makefiles.linux_nft instead of Makefile.linux.

Comments and some experiment reports are welcome!

Thanks,
Tomofumi
Back to top
View user's profile Send private message
s1061123



Joined: 09 Mar 2015
Posts: 5
Location: Tokyo/Japan

PostPosted: Thu Apr 09, 2015 7:45 am    Post subject: Reply with quote

miniupnp wrote:
it looks promising !


Hi miniupnp author,

After several tests, I would like to submit pull request as 'alpha support of nftables'.
To submit pull request for feature enhancement, is there any requirements for merge?

Thanks,
Tomofumi
Back to top
View user's profile Send private message
miniupnp
Site Admin


Joined: 14 Apr 2007
Posts: 1474

PostPosted: Fri Apr 10, 2015 3:16 pm    Post subject: Reply with quote

make the pull request on github, I will look at it and merge if possible
_________________
Main miniUPnP author.
http://miniupnp.tuxfamily.org/
Back to top
View user's profile Send private message Visit poster's website
s1061123



Joined: 09 Mar 2015
Posts: 5
Location: Tokyo/Japan

PostPosted: Wed Apr 15, 2015 4:23 am    Post subject: Reply with quote

miniupnp wrote:
make the pull request on github, I will look at it and merge if possible


I got it.
Now I'm a little bit busy, so after that I'll post it Wink
Back to top
View user's profile Send private message
miniupnp
Site Admin


Joined: 14 Apr 2007
Posts: 1474

PostPosted: Thu Apr 30, 2015 9:31 am    Post subject: Reply with quote

it has now been merged.
see http://miniupnp.free.fr/files/download.php?file=miniupnpd-1.9.20150430.tar.gz
_________________
Main miniUPnP author.
http://miniupnp.tuxfamily.org/
Back to top
View user's profile Send private message Visit poster's website
Paul.Chambers



Joined: 14 Sep 2019
Posts: 1
Location: San Jose, California

PostPosted: Sun Sep 15, 2019 5:12 am    Post subject: Reply with quote

I'd be willing to put some effort into this, too.

I'm still learning nftables, and the approach miniupnpd currently takes to support it.

One thing I'm curious about is that the front end (UPnP IGD server) and backends (network rule manipulation on the machine itself) aren't quite as cleanly separated as my OCD tendencies would like. Perhaps something that evolved over time? nothing wrong with that, I'm just a little wary of muddying the waters further.

Is that something people agree could be improved? is there an appetite for refining the separation between frontend and backends?

The reason I ask is that I'd rather help converge the various derivatives than diverge one of them further. However, I'd hate to dig into that without some confidence that the resulting pull requests are going to be looked on favorably.

Your thoughts?

Best regards,

- Paul
Back to top
View user's profile Send private message
miniupnp
Site Admin


Joined: 14 Apr 2007
Posts: 1474

PostPosted: Tue Sep 24, 2019 10:35 am    Post subject: Reply with quote

I won't spend time on any reorganisation of the code before the nftables code really works.
_________________
Main miniUPnP author.
http://miniupnp.tuxfamily.org/
Back to top
View user's profile Send private message Visit poster's website
miniupnp
Site Admin


Joined: 14 Apr 2007
Posts: 1474

PostPosted: Wed Oct 02, 2019 10:10 pm    Post subject: Reply with quote

you should also consider that miniupnpd is designed to run on small home routers. So consuming more memory is a big deal.

that's also why I think we should first implement privilege dropping before full privilege separation
_________________
Main miniUPnP author.
http://miniupnp.tuxfamily.org/
Back to top
View user's profile Send private message Visit poster's website
Display posts from previous:   
Post new topic   Reply to topic    miniupnp.tuxfamily.org Forum Index -> miniupnpd Feature Request All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group
Protected by Anti-Spam ACP
© 2007 Thomas Bernard, author of MiniUPNP.