Planned Features:
- implement better algorithmic core: The new core will dramatically reduce memory usage while at the same time improving the running time of insert and delete operations. The lookup performance will be improved radically too, especially for bigger rulesets. The concepts and the design are already developed, but the implementation is still in its very early stages
- add support for transactions
- add support for ipv6
- add support for MAC matches
- add functionality similar to iptables-restore
- add native support for set of ranges (e.g. ippools). Each native match is not a single range but instead a set of ranges, which makes a single rule more expressive
- consider making HiPAC available for NAT and mangle tables
- consider removing "rule prefix mismatch" limitation
- the next big step in the far future will be to extend the HiPAC algorithm to do classification with several stages. The HiPAC algorithm will then be capable of combining several classification problems in one data structure, e.g. it will be possible to solve routing, firewalling and traffic control with one HiPAC lookup. The idea is to shorten the packet forwarding path by combining e.g. fib_lookup and iptables filter lookup into one HiPAC query