From: Jones Desougi <jones.desougi+netfilter@gmail.com>
To: Ander Juaristi <a@juaristi.eus>
Cc: netfilter-devel@vger.kernel.org
Subject: Re: [PATCH v5 2/2] netfilter: nft_meta: support for time matching
Date: Sat, 17 Aug 2019 15:43:26 +0200 [thread overview]
Message-ID: <CAGdUbJFMCT9aXqPKVEVF-vvLzser+58R62mSZRZLRfaR5eJpSQ@mail.gmail.com> (raw)
In-Reply-To: <20190817111753.8756-2-a@juaristi.eus>
The naming of the new meta keys seem a bit confusing.
On Sat, Aug 17, 2019 at 1:19 PM Ander Juaristi <a@juaristi.eus> wrote:
>
> This patch introduces meta matches in the kernel for time (a UNIX timestamp),
> day (a day of week, represented as an integer between 0-6), and
> hour (an hour in the current day, or: number of seconds since midnight).
>
> All values are taken as unsigned 64-bit integers.
>
> The 'time' keyword is internally converted to nanoseconds by nft in
> userspace, and hence the timestamp is taken in nanoseconds as well.
>
> Signed-off-by: Ander Juaristi <a@juaristi.eus>
> ---
> include/uapi/linux/netfilter/nf_tables.h | 6 ++++
> net/netfilter/nft_meta.c | 46 ++++++++++++++++++++++++
> 2 files changed, 52 insertions(+)
>
> diff --git a/include/uapi/linux/netfilter/nf_tables.h b/include/uapi/linux/netfilter/nf_tables.h
> index 82abaa183fc3..b83b62eb4b01 100644
> --- a/include/uapi/linux/netfilter/nf_tables.h
> +++ b/include/uapi/linux/netfilter/nf_tables.h
> @@ -799,6 +799,9 @@ enum nft_exthdr_attributes {
> * @NFT_META_OIFKIND: packet output interface kind name (dev->rtnl_link_ops->kind)
> * @NFT_META_BRI_IIFPVID: packet input bridge port pvid
> * @NFT_META_BRI_IIFVPROTO: packet input bridge vlan proto
> + * @NFT_META_TIME_NS: time since epoch (in nanoseconds)
> + * @NFT_META_TIME_DAY: day of week (from 0 = Sunday to 6 = Saturday)
This would be clearer as NFT_META_TIME_WEEKDAY. Just day can mean a
lot of things.
Matches nicely with the added nft_meta_weekday function too.
> + * @NFT_META_TIME_HOUR: hour of day (in seconds)
This isn't really an hour, so why call it that (confuses unit at least)?
Something like NFT_META_TIME_TIMEOFDAY? Alternatively TIMEINDAY.
Presumably the added nft_meta_hour function also derives its name from
this, but otherwise has nothing to do with hours.
> */
> enum nft_meta_keys {
> NFT_META_LEN,
...
next prev parent reply other threads:[~2019-08-17 13:43 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-08-17 11:17 [PATCH v5 1/2] netfilter: Introduce new 64-bit helper functions Ander Juaristi
2019-08-17 11:17 ` [PATCH v5 2/2] netfilter: nft_meta: support for time matching Ander Juaristi
2019-08-17 13:43 ` Jones Desougi [this message]
2019-08-18 18:22 ` Ander Juaristi
2019-08-19 14:08 ` Jones Desougi
2019-08-20 19:27 ` Florian Westphal
2019-08-28 11:15 ` Jones Desougi
2019-08-26 9:28 ` Pablo Neira Ayuso
2019-08-26 9:28 ` [PATCH v5 1/2] netfilter: Introduce new 64-bit helper functions Pablo Neira Ayuso
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAGdUbJFMCT9aXqPKVEVF-vvLzser+58R62mSZRZLRfaR5eJpSQ@mail.gmail.com \
--to=jones.desougi+netfilter@gmail.com \
--cc=a@juaristi.eus \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).