From: <vpo...@en...> - 2004-07-23 23:34:10
|
Hi guys, My question is exactly the one in the e-mail subject: Is IPTables::IPv4 Perl module trustable? This module is a perl interface to the 'libiptc' library, written by, Derrik Pates. I'd like to use it in an application. But I read in netfilter's FAQ the following: "4.5 Is there an C/C++ API for adding/removing rules? The answer unfortunately is: No. Now you might think 'but what about libiptc?'. As has been pointed out numerous times on the mailinglist(s), libiptc was _NEVER_ meant to be = used as a public interface. We don't guarantee a stable interface, and it is planned to remove it in the next incarnation of linux packet filtering. libiptc is way too low-layer to be used reasonably anyway. We are well aware that there is a fundamental lack for such an API, and = we are working on improving that situation. Until then, it is recommended = to either use system() or open a pipe into stdin of iptables-restore. The latter will give you a way better performance." Does someone else already tested it before? Does someone else there = knows its internals? Thanks, bruno negr=E3o |