Extending the kernel->userspace protocol to keep track of ignore/block/except lists
tjeb commented
Right now, the three lists live in kernel memory (which is where they are needed in order to actually ignore and block traffic); unless we move back to an iptables-based system this would remain so. However, we have run into a number of use-cases where we need to have a reliable up-to-date copy of this list in user-space (spind):
- ignore queries that we know end up at IP addresses that are ignored (issue #27)
- ignore/block/except nodes based on their host names rather than their IP addresses
We used to have spind repeatedly ask the module for these lists, but that is either not up-to-date or consumes too many resources. Therefore it would be nice to have a small protocol that goes back to any userspace clients if any of these lists change (list X changed: Y was added/deleted).
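
One way a userspace client could apply such change messages to its copy of the three lists, added here as an illustration (not part of the original issue and not the project's code). The wire format, the return codes and the names `mirror_apply`, `struct mirror` and `struct entry` are assumptions made for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical wire format for "list X changed: Y was added/deleted"
 * (an assumption for this example, not the project's protocol):
 *   byte 0: list   (0 = ignore, 1 = block, 2 = except)
 *   byte 1: op     (1 = added, 2 = deleted)
 *   byte 2: family (4 or 6), followed by 4 or 16 address bytes */
enum { LIST_COUNT = 3, OP_ADD = 1, OP_DEL = 2, MAX_ENTRIES = 64 };

struct entry { uint8_t family; uint8_t addr[16]; };
struct mirror { struct entry e[LIST_COUNT][MAX_ENTRIES]; size_t n[LIST_COUNT]; };

/* Index of k in the given list, or -1 if absent. */
static int find(const struct mirror *m, int list, const struct entry *k) {
    for (size_t i = 0; i < m->n[list]; i++)
        if (m->e[list][i].family == k->family &&
            memcmp(m->e[list][i].addr, k->addr, sizeof k->addr) == 0)
            return (int)i;
    return -1;
}

/* Apply one change message to the userspace copy of the lists.
 * Returns 0 on success, -1 for a malformed message, and -2 when the
 * message contradicts the mirror (duplicate add, delete of an unknown
 * entry, list full), meaning the copy is stale and needs a full reload. */
int mirror_apply(struct mirror *m, const uint8_t *msg, size_t len) {
    if (len < 3) return -1;
    uint8_t list = msg[0], op = msg[1], fam = msg[2];
    if (list >= LIST_COUNT || (op != OP_ADD && op != OP_DEL)) return -1;
    size_t alen = fam == 4 ? 4 : fam == 6 ? 16 : 0;
    if (alen == 0 || len != 3 + alen) return -1;  /* exact length only */

    struct entry k = { .family = fam };           /* addr is zero-padded */
    memcpy(k.addr, msg + 3, alen);
    int idx = find(m, list, &k);

    if (op == OP_ADD) {
        if (idx >= 0 || m->n[list] == MAX_ENTRIES) return -2;
        m->e[list][m->n[list]++] = k;
    } else {
        if (idx < 0) return -2;
        m->e[list][idx] = m->e[list][--m->n[list]];  /* swap-remove */
    }
    return 0;
}
```

A -2 result is the signal that incremental updates alone are no longer enough and the client should fetch the full lists once before resuming.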