seamustuohy
commented
9 years ago Netfilter usage has become minor because we are building off of existing open source tools and libraries with a higher level functionality.
Closed seamustuohy closed 9 years ago
seamustuohy
commented
9 years ago Netfilter usage has become minor because we are building off of existing open source tools and libraries with a higher level functionality.
In netfilter, If a chain doesn't decide the fate of the packet, then once traversal on that chain has finished, traversal resumes on the next rule in the current chain. This means that the first rule that blocks, discards, or forwards a packet on will be carried out without concern for any later rules. The Co-pilot interface must make sure that the interface provides a logical way to prevent incompatible rule sets that may cause inconsistent behavior.