* [PATCH] Add NFPROTO_ARP for mark target @ 2015-04-07 2:45 Zhang Chunyu 2015-04-07 2:45 ` [PATCH] Add NFPROTO_ARP for mark Zhang Chunyu 0 siblings, 1 reply; 9+ messages in thread From: Zhang Chunyu @ 2015-04-07 2:45 UTC (permalink / raw) To: netfilter-devel; +Cc: Zhang Chunyu this patch is for arptables --set-mark http://www.spinics.net/lists/netfilter-devel/msg35913.html Zhang Chunyu (1): Add NFPROTO_ARP for mark net/netfilter/xt_mark.c | 31 +++++++++++++++++++++---------- 1 file changed, 21 insertions(+), 10 deletions(-) -- 1.7.12.4 ^ permalink raw reply [flat|nested] 9+ messages in thread
* [PATCH] Add NFPROTO_ARP for mark 2015-04-07 2:45 [PATCH] Add NFPROTO_ARP for mark target Zhang Chunyu @ 2015-04-07 2:45 ` Zhang Chunyu 2015-04-08 17:49 ` Pablo Neira Ayuso 0 siblings, 1 reply; 9+ messages in thread From: Zhang Chunyu @ 2015-04-07 2:45 UTC (permalink / raw) To: netfilter-devel; +Cc: Zhang Chunyu need add NFPROTO_ARP and MODULE_ALIAS for arptables -mark Signed-off-by: Zhang Chunyu <zhangcy@cn.fujitsu.com> --- net/netfilter/xt_mark.c | 31 +++++++++++++++++++++---------- 1 file changed, 21 insertions(+), 10 deletions(-) diff --git a/net/netfilter/xt_mark.c b/net/netfilter/xt_mark.c index 2334523..5778062 100644 --- a/net/netfilter/xt_mark.c +++ b/net/netfilter/xt_mark.c @@ -23,6 +23,7 @@ MODULE_ALIAS("ipt_mark"); MODULE_ALIAS("ip6t_mark"); MODULE_ALIAS("ipt_MARK"); MODULE_ALIAS("ip6t_MARK"); +MODULE_ALIAS("arpt_MARK"); static unsigned int mark_tg(struct sk_buff *skb, const struct xt_action_param *par) @@ -41,13 +42,23 @@ mark_mt(const struct sk_buff *skb, struct xt_action_param *par) return ((skb->mark & info->mask) == info->mark) ^ info->invert; } -static struct xt_target mark_tg_reg __read_mostly = { - .name = "MARK", - .revision = 2, - .family = NFPROTO_UNSPEC, - .target = mark_tg, - .targetsize = sizeof(struct xt_mark_tginfo2), - .me = THIS_MODULE, +static struct xt_target mark_tg_reg[] __read_mostly = { + { + .name = "MARK", + .revision = 2, + .family = NFPROTO_UNSPEC, + .target = mark_tg, + .targetsize = sizeof(struct xt_mark_tginfo2), + .me = THIS_MODULE, + }, + { + .name = "MARK", + .revision = 2, + .family = NFPROTO_ARP, + .target = mark_tg, + .targetsize = sizeof(struct xt_mark_tginfo2), + .me = THIS_MODULE, + } }; static struct xt_match mark_mt_reg __read_mostly = { @@ -63,12 +74,12 @@ static int __init mark_mt_init(void) { int ret; - ret = xt_register_target(&mark_tg_reg); + ret = xt_register_targets(mark_tg_reg, ARRAY_SIZE(mark_tg_reg)); if (ret < 0) return ret; ret = xt_register_match(&mark_mt_reg); if (ret < 0) { - xt_unregister_target(&mark_tg_reg); + xt_unregister_targets(mark_tg_reg, ARRAY_SIZE(mark_tg_reg)); return ret; } return 0; @@ -77,7 +88,7 @@ static int __init mark_mt_init(void) static void __exit mark_mt_exit(void) { xt_unregister_match(&mark_mt_reg); - xt_unregister_target(&mark_tg_reg); + xt_unregister_targets(mark_tg_reg, ARRAY_SIZE(mark_tg_reg)); } module_init(mark_mt_init); -- 1.7.12.4 ^ permalink raw reply related [flat|nested] 9+ messages in thread
* Re: [PATCH] Add NFPROTO_ARP for mark 2015-04-07 2:45 ` [PATCH] Add NFPROTO_ARP for mark Zhang Chunyu @ 2015-04-08 17:49 ` Pablo Neira Ayuso 2015-04-09 3:54 ` Zhang, Chunyu 0 siblings, 1 reply; 9+ messages in thread From: Pablo Neira Ayuso @ 2015-04-08 17:49 UTC (permalink / raw) To: Zhang Chunyu; +Cc: netfilter-devel On Mon, Apr 06, 2015 at 10:45:16PM -0400, Zhang Chunyu wrote: > need add NFPROTO_ARP and MODULE_ALIAS for arptables -mark > > Signed-off-by: Zhang Chunyu <zhangcy@cn.fujitsu.com> > --- > net/netfilter/xt_mark.c | 31 +++++++++++++++++++++---------- > 1 file changed, 21 insertions(+), 10 deletions(-) > > diff --git a/net/netfilter/xt_mark.c b/net/netfilter/xt_mark.c > index 2334523..5778062 100644 > --- a/net/netfilter/xt_mark.c > +++ b/net/netfilter/xt_mark.c > @@ -23,6 +23,7 @@ MODULE_ALIAS("ipt_mark"); > MODULE_ALIAS("ip6t_mark"); > MODULE_ALIAS("ipt_MARK"); > MODULE_ALIAS("ip6t_MARK"); > +MODULE_ALIAS("arpt_MARK"); This little change above is fine. > static unsigned int > mark_tg(struct sk_buff *skb, const struct xt_action_param *par) > @@ -41,13 +42,23 @@ mark_mt(const struct sk_buff *skb, struct xt_action_param *par) > return ((skb->mark & info->mask) == info->mark) ^ info->invert; > } > > -static struct xt_target mark_tg_reg __read_mostly = { > - .name = "MARK", > - .revision = 2, > - .family = NFPROTO_UNSPEC, > - .target = mark_tg, > - .targetsize = sizeof(struct xt_mark_tginfo2), > - .me = THIS_MODULE, > +static struct xt_target mark_tg_reg[] __read_mostly = { > + { > + .name = "MARK", > + .revision = 2, > + .family = NFPROTO_UNSPEC, > + .target = mark_tg, > + .targetsize = sizeof(struct xt_mark_tginfo2), > + .me = THIS_MODULE, > + }, > + { > + .name = "MARK", > + .revision = 2, > + .family = NFPROTO_ARP, > + .target = mark_tg, > + .targetsize = sizeof(struct xt_mark_tginfo2), > + .me = THIS_MODULE, > + } > }; You don't need this. The problem is here that your patch: http://patchwork.ozlabs.org/patch/455966/ is missing this chunk: diff --git a/libarptc/libarptc_incl.c b/libarptc/libarptc_incl.c index a034930..87404ce 100644 --- a/libarptc/libarptc_incl.c +++ b/libarptc/libarptc_incl.c @@ -872,7 +872,7 @@ map_target(const TC_HANDLE_T handle, /* memset to all 0 for your memcmp convenience. */ memset(t->u.user.name + strlen(t->u.user.name), 0, - FUNCTION_MAXNAMELEN - strlen(t->u.user.name)); + FUNCTION_MAXNAMELEN - 1 - strlen(t->u.user.name)); return 1; } Otherwise, the revision number is zeroed. And you don't need: http://patchwork.ozlabs.org/patch/455965/. Please, rebase your userspace patches on top of current arptables git and resubmit. Thanks. ^ permalink raw reply related [flat|nested] 9+ messages in thread
* Re: Re: [PATCH] Add NFPROTO_ARP for mark 2015-04-08 17:49 ` Pablo Neira Ayuso @ 2015-04-09 3:54 ` Zhang, Chunyu 2015-04-09 10:41 ` Pablo Neira Ayuso 0 siblings, 1 reply; 9+ messages in thread From: Zhang, Chunyu @ 2015-04-09 3:54 UTC (permalink / raw) To: pablo; +Cc: netfilter-devel >From: Pablo Neira Ayuso >Date: 2015-04-09 >To: Zhang, Chunyu/章 春宇 >Subject: Re: [PATCH] Add NFPROTO_ARP for mark > >On Mon, Apr 06, 2015 at 10:45:16PM -0400, Zhang Chunyu wrote: >> need add NFPROTO_ARP and MODULE_ALIAS for arptables -mark >> >> Signed-off-by: Zhang Chunyu <zhangcy@cn.fujitsu.com> >> --- >> net/netfilter/xt_mark.c | 31 +++++++++++++++++++++---------- >> 1 file changed, 21 insertions(+), 10 deletions(-) >> >> diff --git a/net/netfilter/xt_mark.c b/net/netfilter/xt_mark.c >> index 2334523..5778062 100644 >> --- a/net/netfilter/xt_mark.c >> +++ b/net/netfilter/xt_mark.c >> @@ -23,6 +23,7 @@ MODULE_ALIAS("ipt_mark"); >> MODULE_ALIAS("ip6t_mark"); >> MODULE_ALIAS("ipt_MARK"); >> MODULE_ALIAS("ip6t_MARK"); >> +MODULE_ALIAS("arpt_MARK"); > >This little change above is fine. > >> static unsigned int >> mark_tg(struct sk_buff *skb, const struct xt_action_param *par) >> @@ -41,13 +42,23 @@ mark_mt(const struct sk_buff *skb, struct xt_action_param *par) >> return ((skb->mark & info->mask) == info->mark) ^ info->invert; >> } >> >> -static struct xt_target mark_tg_reg __read_mostly = { >> - .name = "MARK", >> - .revision = 2, >> - .family = NFPROTO_UNSPEC, >> - .target = mark_tg, >> - .targetsize = sizeof(struct xt_mark_tginfo2), >> - .me = THIS_MODULE, >> +static struct xt_target mark_tg_reg[] __read_mostly = { >> + { >> + .name = "MARK", >> + .revision = 2, >> + .family = NFPROTO_UNSPEC, >> + .target = mark_tg, >> + .targetsize = sizeof(struct xt_mark_tginfo2), >> + .me = THIS_MODULE, >> + }, >> + { >> + .name = "MARK", >> + .revision = 2, >> + .family = NFPROTO_ARP, >> + .target = mark_tg, >> + .targetsize = sizeof(struct xt_mark_tginfo2), >> + .me = THIS_MODULE, >> + } >> }; > >You don't need this. > >The problem is here that your patch: > >http://patchwork.ozlabs.org/patch/455966/ > >is missing this chunk: > >diff --git a/libarptc/libarptc_incl.c b/libarptc/libarptc_incl.c >index a034930..87404ce 100644 >--- a/libarptc/libarptc_incl.c >+++ b/libarptc/libarptc_incl.c >@@ -872,7 +872,7 @@ map_target(const TC_HANDLE_T handle, > /* memset to all 0 for your memcmp convenience. */ > memset(t->u.user.name + strlen(t->u.user.name), > 0, >- FUNCTION_MAXNAMELEN - strlen(t->u.user.name)); >+ FUNCTION_MAXNAMELEN - 1 - strlen(t->u.user.name)); > return 1; > } > >Otherwise, the revision number is zeroed. > >And you don't need: http://patchwork.ozlabs.org/patch/455965/. > >Please, rebase your userspace patches on top of current arptables git >and resubmit. Thanks. get it 。will do。 why arptables --set-mark can work , when add NFPROTO_ARP to xt_mark ? ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: Re: [PATCH] Add NFPROTO_ARP for mark 2015-04-09 3:54 ` Zhang, Chunyu @ 2015-04-09 10:41 ` Pablo Neira Ayuso 2015-04-16 5:39 ` Zhang, Chunyu 0 siblings, 1 reply; 9+ messages in thread From: Pablo Neira Ayuso @ 2015-04-09 10:41 UTC (permalink / raw) To: Zhang, Chunyu; +Cc: netfilter-devel On Thu, Apr 09, 2015 at 03:54:33AM +0000, Zhang, Chunyu wrote: > >From: Pablo Neira Ayuso > >Date: 2015-04-09 > >To: Zhang, Chunyu/章 春宇 > >Subject: Re: [PATCH] Add NFPROTO_ARP for mark [...] > >> @@ -41,13 +42,23 @@ mark_mt(const struct sk_buff *skb, struct xt_action_param *par) > >> return ((skb->mark & info->mask) == info->mark) ^ info->invert; > >> } > >> > >> -static struct xt_target mark_tg_reg __read_mostly = { > >> - .name = "MARK", > >> - .revision = 2, > >> - .family = NFPROTO_UNSPEC, > >> - .target = mark_tg, > >> - .targetsize = sizeof(struct xt_mark_tginfo2), > >> - .me = THIS_MODULE, > >> +static struct xt_target mark_tg_reg[] __read_mostly = { > >> + { > >> + .name = "MARK", > >> + .revision = 2, > >> + .family = NFPROTO_UNSPEC, > >> + .target = mark_tg, > >> + .targetsize = sizeof(struct xt_mark_tginfo2), > >> + .me = THIS_MODULE, > >> + }, > >> + { > >> + .name = "MARK", > >> + .revision = 2, > >> + .family = NFPROTO_ARP, > >> + .target = mark_tg, > >> + .targetsize = sizeof(struct xt_mark_tginfo2), > >> + .me = THIS_MODULE, > >> + } > >> }; > > > >You don't need this. > > > >The problem is here that your patch: > > > >http://patchwork.ozlabs.org/patch/455966/ > > > >is missing this chunk: > > > >diff --git a/libarptc/libarptc_incl.c b/libarptc/libarptc_incl.c > >index a034930..87404ce 100644 > >--- a/libarptc/libarptc_incl.c > >+++ b/libarptc/libarptc_incl.c > >@@ -872,7 +872,7 @@ map_target(const TC_HANDLE_T handle, > > /* memset to all 0 for your memcmp convenience. */ > > memset(t->u.user.name + strlen(t->u.user.name), > > 0, > >- FUNCTION_MAXNAMELEN - strlen(t->u.user.name)); > >+ FUNCTION_MAXNAMELEN - 1 - strlen(t->u.user.name)); > > return 1; > > } > > > >Otherwise, the revision number is zeroed. > > > >And you don't need: http://patchwork.ozlabs.org/patch/455965/. > > > >Please, rebase your userspace patches on top of current arptables git > >and resubmit. Thanks. > > get it 。will do。 > why arptables --set-mark can work , when add NFPROTO_ARP to xt_mark ? I guess you're still using the userspace patches you sent. If you rebase on top of current arptables HEAD, that will not work. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: Re: [PATCH] Add NFPROTO_ARP for mark 2015-04-09 10:41 ` Pablo Neira Ayuso @ 2015-04-16 5:39 ` Zhang, Chunyu 2015-04-16 5:45 ` Zhang, Chunyu 2015-04-16 11:06 ` Pablo Neira Ayuso 0 siblings, 2 replies; 9+ messages in thread From: Zhang, Chunyu @ 2015-04-16 5:39 UTC (permalink / raw) To: pablo; +Cc: netfilter-devel hi pablo >From: Pablo Neira Ayuso >Date: 2015-04-09 >To: Zhang, Chunyu/章 春宇 >Subject: Re: Re: [PATCH] Add NFPROTO_ARP for mark > >On Thu, Apr 09, 2015 at 03:54:33AM +0000, Zhang, Chunyu wrote: >> >From: Pablo Neira Ayuso >> >Date: 2015-04-09 >> >To: Zhang, Chunyu/章 春宇 >> >Subject: Re: [PATCH] Add NFPROTO_ARP for mark >[...] >> >> @@ -41,13 +42,23 @@ mark_mt(const struct sk_buff *skb, struct xt_action_param *par) >> >> return ((skb->mark & info->mask) == info->mark) ^ info->invert; >> >> } >> >> >> >> -static struct xt_target mark_tg_reg __read_mostly = { >> >> - .name = "MARK", >> >> - .revision = 2, >> >> - .family = NFPROTO_UNSPEC, >> >> - .target = mark_tg, >> >> - .targetsize = sizeof(struct xt_mark_tginfo2), >> >> - .me = THIS_MODULE, >> >> +static struct xt_target mark_tg_reg[] __read_mostly = { >> >> + { >> >> + .name = "MARK", >> >> + .revision = 2, >> >> + .family = NFPROTO_UNSPEC, >> >> + .target = mark_tg, >> >> + .targetsize = sizeof(struct xt_mark_tginfo2), >> >> + .me = THIS_MODULE, >> >> + }, >> >> + { >> >> + .name = "MARK", >> >> + .revision = 2, >> >> + .family = NFPROTO_ARP, >> >> + .target = mark_tg, >> >> + .targetsize = sizeof(struct xt_mark_tginfo2), >> >> + .me = THIS_MODULE, >> >> + } >> >> }; >> > >> >You don't need this. >> > >> >The problem is here that your patch: >> > >> >http://patchwork.ozlabs.org/patch/455966/ >> > >> >is missing this chunk: >> > >> >diff --git a/libarptc/libarptc_incl.c b/libarptc/libarptc_incl.c >> >index a034930..87404ce 100644 >> >--- a/libarptc/libarptc_incl.c >> >+++ b/libarptc/libarptc_incl.c >> >@@ -872,7 +872,7 @@ map_target(const TC_HANDLE_T handle, >> > /* memset to all 0 for your memcmp convenience. */ >> > memset(t->u.user.name + strlen(t->u.user.name), >> > 0, >> >- FUNCTION_MAXNAMELEN - strlen(t->u.user.name)); >> >+ FUNCTION_MAXNAMELEN - 1 - strlen(t->u.user.name)); >> > return 1; >> > } 1. maybe should change like this? diff --git a/libarptc/libarptc_incl.c b/libarptc/libarptc_incl.c index a034930..4049cbd 100644 --- a/libarptc/libarptc_incl.c +++ b/libarptc/libarptc_incl.c @@ -872,7 +872,7 @@ map_target(const TC_HANDLE_T handle, /* memset to all 0 for your memcmp convenience. */ memset(t->u.user.name + strlen(t->u.user.name), 0, - FUNCTION_MAXNAMELEN - strlen(t->u.user.name)); + XT_EXTENSION_MAXNAMELEN - strlen(t->u.user.name)); return 1; } 2. mabye have other 4 places should change ? arptables.c:2330: if (chain && strlen(chain) > ARPT_FUNCTION_MAXNAMELEN) arptables.c:2333: chain, ARPT_FUNCTION_MAXNAMELEN); include/linux/netfilter/x_tables.h:71: char errorname[XT_FUNCTION_MAXNAMELEN]; libarptc/libarptc_incl.c:827: memset(t->target.u.user.name, 0, FUNCTION_MAXNAMELEN); >> > >> >Otherwise, the revision number is zeroed. >> > >> >And you don't need: http://patchwork.ozlabs.org/patch/455965/. >> > >> >Please, rebase your userspace patches on top of current arptables git >> >and resubmit. Thanks. >> >> get it 。will do。 >> why arptables --set-mark can work , when add NFPROTO_ARP to xt_mark ? > >I guess you're still using the userspace patches you sent. > >If you rebase on top of current arptables HEAD, that will not work. ^ permalink raw reply related [flat|nested] 9+ messages in thread
* Re: Re: [PATCH] Add NFPROTO_ARP for mark 2015-04-16 5:39 ` Zhang, Chunyu @ 2015-04-16 5:45 ` Zhang, Chunyu 2015-04-16 11:06 ` Pablo Neira Ayuso 1 sibling, 0 replies; 9+ messages in thread From: Zhang, Chunyu @ 2015-04-16 5:45 UTC (permalink / raw) To: pablo; +Cc: netfilter-devel >From: netfilter-devel-owner >Date: 2015-04-16 >To: pablo@netfilter.org >Subject: Re: Re: [PATCH] Add NFPROTO_ARP for mark > > >hi pablo > >>From: Pablo Neira Ayuso >>Date: 2015-04-09 >>To: Zhang, Chunyu/章 春宇 >>Subject: Re: Re: [PATCH] Add NFPROTO_ARP for mark >> >>On Thu, Apr 09, 2015 at 03:54:33AM +0000, Zhang, Chunyu wrote: >>> >From: Pablo Neira Ayuso >>> >Date: 2015-04-09 >>> >To: Zhang, Chunyu/章 春宇 >>> >Subject: Re: [PATCH] Add NFPROTO_ARP for mark >>[...] >>> >> @@ -41,13 +42,23 @@ mark_mt(const struct sk_buff *skb, struct xt_action_param *par) >>> >> return ((skb->mark & info->mask) == info->mark) ^ info->invert; >>> >> } >>> >> >>> >> -static struct xt_target mark_tg_reg __read_mostly = { >>> >> - .name = "MARK", >>> >> - .revision = 2, >>> >> - .family = NFPROTO_UNSPEC, >>> >> - .target = mark_tg, >>> >> - .targetsize = sizeof(struct xt_mark_tginfo2), >>> >> - .me = THIS_MODULE, >>> >> +static struct xt_target mark_tg_reg[] __read_mostly = { >>> >> + { >>> >> + .name = "MARK", >>> >> + .revision = 2, >>> >> + .family = NFPROTO_UNSPEC, >>> >> + .target = mark_tg, >>> >> + .targetsize = sizeof(struct xt_mark_tginfo2), >>> >> + .me = THIS_MODULE, >>> >> + }, >>> >> + { >>> >> + .name = "MARK", >>> >> + .revision = 2, >>> >> + .family = NFPROTO_ARP, >>> >> + .target = mark_tg, >>> >> + .targetsize = sizeof(struct xt_mark_tginfo2), >>> >> + .me = THIS_MODULE, >>> >> + } >>> >> }; >>> > >>> >You don't need this. >>> > >>> >The problem is here that your patch: >>> > >>> >http://patchwork.ozlabs.org/patch/455966/ >>> > >>> >is missing this chunk: >>> > >>> >diff --git a/libarptc/libarptc_incl.c b/libarptc/libarptc_incl.c >>> >index a034930..87404ce 100644 >>> >--- a/libarptc/libarptc_incl.c >>> >+++ b/libarptc/libarptc_incl.c >>> >@@ -872,7 +872,7 @@ map_target(const TC_HANDLE_T handle, >>> > /* memset to all 0 for your memcmp convenience. */ >>> > memset(t->u.user.name + strlen(t->u.user.name), >>> > 0, >>> >- FUNCTION_MAXNAMELEN - strlen(t->u.user.name)); >>> >+ FUNCTION_MAXNAMELEN - 1 - strlen(t->u.user.name)); >>> > return 1; >>> > } > >1. >maybe should change like this? > >diff --git a/libarptc/libarptc_incl.c b/libarptc/libarptc_incl.c >index a034930..4049cbd 100644 >--- a/libarptc/libarptc_incl.c >+++ b/libarptc/libarptc_incl.c >@@ -872,7 +872,7 @@ map_target(const TC_HANDLE_T handle, > /* memset to all 0 for your memcmp convenience. */ > memset(t->u.user.name + strlen(t->u.user.name), > 0, >- FUNCTION_MAXNAMELEN - strlen(t->u.user.name)); >+ XT_EXTENSION_MAXNAMELEN - strlen(t->u.user.name)); > return 1; > } > >2. mabye have other 4 places should change ? >arptables.c:2330: if (chain && strlen(chain) > ARPT_FUNCTION_MAXNAMELEN) >arptables.c:2333: chain, ARPT_FUNCTION_MAXNAMELEN); >include/linux/netfilter/x_tables.h:71: char errorname[XT_FUNCTION_MAXNAMELEN]; >libarptc/libarptc_incl.c:827: memset(t->target.u.user.name, 0, FUNCTION_MAXNAMELEN); or change like this : diff --git a/libarptc/libarptc.c b/libarptc/libarptc.c index 0025a75..19b73d0 100644 --- a/libarptc/libarptc.c +++ b/libarptc/libarptc.c @@ -47,7 +47,7 @@ typedef unsigned int socklen_t; #define ENTRY_ITERATE ARPT_ENTRY_ITERATE #define TABLE_MAXNAMELEN ARPT_TABLE_MAXNAMELEN -#define FUNCTION_MAXNAMELEN ARPT_FUNCTION_MAXNAMELEN +#define FUNCTION_MAXNAMELEN XT_EXTENSION_MAXNAMELEN #define GET_TARGET arpt_get_target >>> > >>> >Otherwise, the revision number is zeroed. >>> > >>> >And you don't need: http://patchwork.ozlabs.org/patch/455965/. >>> > >>> >Please, rebase your userspace patches on top of current arptables git >>> >and resubmit. Thanks. >>> >>> get it 。will do。 >>> why arptables --set-mark can work , when add NFPROTO_ARP to xt_mark ? >> >>I guess you're still using the userspace patches you sent. >> >>If you rebase on top of current arptables HEAD, that will not work.N�����r��y���b�X��ǧv�^�){.n�+���z��u�ޖ)���w*\x1fjg���\x1e�����ݢj/���z�ޖ��2�ޙ���&�)ߡ�a��\x7f��\x1e�G���h�\x0f�j:+v���w�٥ ^ permalink raw reply related [flat|nested] 9+ messages in thread
* Re: Re: [PATCH] Add NFPROTO_ARP for mark 2015-04-16 5:39 ` Zhang, Chunyu 2015-04-16 5:45 ` Zhang, Chunyu @ 2015-04-16 11:06 ` Pablo Neira Ayuso 2015-04-17 1:38 ` Zhang, Chunyu 1 sibling, 1 reply; 9+ messages in thread From: Pablo Neira Ayuso @ 2015-04-16 11:06 UTC (permalink / raw) To: Zhang, Chunyu; +Cc: netfilter-devel On Thu, Apr 16, 2015 at 05:39:31AM +0000, Zhang, Chunyu wrote: > > hi pablo > > >From: Pablo Neira Ayuso > >Date: 2015-04-09 > >To: Zhang, Chunyu/章 春宇 > >Subject: Re: Re: [PATCH] Add NFPROTO_ARP for mark > > > >On Thu, Apr 09, 2015 at 03:54:33AM +0000, Zhang, Chunyu wrote: > >> >From: Pablo Neira Ayuso > >> >Date: 2015-04-09 > >> >To: Zhang, Chunyu/章 春宇 > >> >Subject: Re: [PATCH] Add NFPROTO_ARP for mark > >[...] > >> >> @@ -41,13 +42,23 @@ mark_mt(const struct sk_buff *skb, struct xt_action_param *par) > >> >> return ((skb->mark & info->mask) == info->mark) ^ info->invert; > >> >> } > >> >> > >> >> -static struct xt_target mark_tg_reg __read_mostly = { > >> >> - .name = "MARK", > >> >> - .revision = 2, > >> >> - .family = NFPROTO_UNSPEC, > >> >> - .target = mark_tg, > >> >> - .targetsize = sizeof(struct xt_mark_tginfo2), > >> >> - .me = THIS_MODULE, > >> >> +static struct xt_target mark_tg_reg[] __read_mostly = { > >> >> + { > >> >> + .name = "MARK", > >> >> + .revision = 2, > >> >> + .family = NFPROTO_UNSPEC, > >> >> + .target = mark_tg, > >> >> + .targetsize = sizeof(struct xt_mark_tginfo2), > >> >> + .me = THIS_MODULE, > >> >> + }, > >> >> + { > >> >> + .name = "MARK", > >> >> + .revision = 2, > >> >> + .family = NFPROTO_ARP, > >> >> + .target = mark_tg, > >> >> + .targetsize = sizeof(struct xt_mark_tginfo2), > >> >> + .me = THIS_MODULE, > >> >> + } > >> >> }; > >> > > >> >You don't need this. > >> > > >> >The problem is here that your patch: > >> > > >> >http://patchwork.ozlabs.org/patch/455966/ > >> > > >> >is missing this chunk: > >> > > >> >diff --git a/libarptc/libarptc_incl.c b/libarptc/libarptc_incl.c > >> >index a034930..87404ce 100644 > >> >--- a/libarptc/libarptc_incl.c > >> >+++ b/libarptc/libarptc_incl.c > >> >@@ -872,7 +872,7 @@ map_target(const TC_HANDLE_T handle, > >> > /* memset to all 0 for your memcmp convenience. */ > >> > memset(t->u.user.name + strlen(t->u.user.name), > >> > 0, > >> >- FUNCTION_MAXNAMELEN - strlen(t->u.user.name)); > >> >+ FUNCTION_MAXNAMELEN - 1 - strlen(t->u.user.name)); > >> > return 1; > >> > } > > 1. > maybe should change like this? > > diff --git a/libarptc/libarptc_incl.c b/libarptc/libarptc_incl.c > index a034930..4049cbd 100644 > --- a/libarptc/libarptc_incl.c > +++ b/libarptc/libarptc_incl.c > @@ -872,7 +872,7 @@ map_target(const TC_HANDLE_T handle, > /* memset to all 0 for your memcmp convenience. */ > memset(t->u.user.name + strlen(t->u.user.name), > 0, > - FUNCTION_MAXNAMELEN - strlen(t->u.user.name)); > + XT_EXTENSION_MAXNAMELEN - strlen(t->u.user.name)); No, you can't do this. After getting arptables userspace in sync with kernel headers, you can see that: #define ARPT_FUNCTION_MAXNAMELEN XT_FUNCTION_MAXNAMELEN and: libarptc/libarptc.c:#define FUNCTION_MAXNAMELEN ARPT_FUNCTION_MAXNAMELEN You have to do it the way I suggested. Another motivation to make it the way I indicated is that this will be in sync with iptables/ip6tables. Anyway, I have just pushed this branch: http://git.netfilter.org/arptables/log/?h=next to try to close this discussion. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: Re: [PATCH] Add NFPROTO_ARP for mark 2015-04-16 11:06 ` Pablo Neira Ayuso @ 2015-04-17 1:38 ` Zhang, Chunyu 0 siblings, 0 replies; 9+ messages in thread From: Zhang, Chunyu @ 2015-04-17 1:38 UTC (permalink / raw) To: pablo; +Cc: netfilter-devel >From: netfilter-devel-owner >Date: 2015-04-16 >To: Zhang, Chunyu/章 春宇 >Subject: Re: Re: [PATCH] Add NFPROTO_ARP for mark > >On Thu, Apr 16, 2015 at 05:39:31AM +0000, Zhang, Chunyu wrote: >> >> hi pablo >> >> >From: Pablo Neira Ayuso >> >Date: 2015-04-09 >> >To: Zhang, Chunyu/章 春宇 >> >Subject: Re: Re: [PATCH] Add NFPROTO_ARP for mark >> > >> >On Thu, Apr 09, 2015 at 03:54:33AM +0000, Zhang, Chunyu wrote: >> >> >From: Pablo Neira Ayuso >> >> >Date: 2015-04-09 >> >> >To: Zhang, Chunyu/章 春宇 >> >> >Subject: Re: [PATCH] Add NFPROTO_ARP for mark >> >[...] >> >> >> @@ -41,13 +42,23 @@ mark_mt(const struct sk_buff *skb, struct xt_action_param *par) >> >> >> return ((skb->mark & info->mask) == info->mark) ^ info->invert; >> >> >> } >> >> >> >> >> >> -static struct xt_target mark_tg_reg __read_mostly = { >> >> >> - .name = "MARK", >> >> >> - .revision = 2, >> >> >> - .family = NFPROTO_UNSPEC, >> >> >> - .target = mark_tg, >> >> >> - .targetsize = sizeof(struct xt_mark_tginfo2), >> >> >> - .me = THIS_MODULE, >> >> >> +static struct xt_target mark_tg_reg[] __read_mostly = { >> >> >> + { >> >> >> + .name = "MARK", >> >> >> + .revision = 2, >> >> >> + .family = NFPROTO_UNSPEC, >> >> >> + .target = mark_tg, >> >> >> + .targetsize = sizeof(struct xt_mark_tginfo2), >> >> >> + .me = THIS_MODULE, >> >> >> + }, >> >> >> + { >> >> >> + .name = "MARK", >> >> >> + .revision = 2, >> >> >> + .family = NFPROTO_ARP, >> >> >> + .target = mark_tg, >> >> >> + .targetsize = sizeof(struct xt_mark_tginfo2), >> >> >> + .me = THIS_MODULE, >> >> >> + } >> >> >> }; >> >> > >> >> >You don't need this. >> >> > >> >> >The problem is here that your patch: >> >> > >> >> >http://patchwork.ozlabs.org/patch/455966/ >> >> > >> >> >is missing this chunk: >> >> > >> >> >diff --git a/libarptc/libarptc_incl.c b/libarptc/libarptc_incl.c >> >> >index a034930..87404ce 100644 >> >> >--- a/libarptc/libarptc_incl.c >> >> >+++ b/libarptc/libarptc_incl.c >> >> >@@ -872,7 +872,7 @@ map_target(const TC_HANDLE_T handle, >> >> > /* memset to all 0 for your memcmp convenience. */ >> >> > memset(t->u.user.name + strlen(t->u.user.name), >> >> > 0, >> >> >- FUNCTION_MAXNAMELEN - strlen(t->u.user.name)); >> >> >+ FUNCTION_MAXNAMELEN - 1 - strlen(t->u.user.name)); >> >> > return 1; >> >> > } >> >> 1. >> maybe should change like this? >> >> diff --git a/libarptc/libarptc_incl.c b/libarptc/libarptc_incl.c >> index a034930..4049cbd 100644 >> --- a/libarptc/libarptc_incl.c >> +++ b/libarptc/libarptc_incl.c >> @@ -872,7 +872,7 @@ map_target(const TC_HANDLE_T handle, >> /* memset to all 0 for your memcmp convenience. */ >> memset(t->u.user.name + strlen(t->u.user.name), >> 0, >> - FUNCTION_MAXNAMELEN - strlen(t->u.user.name)); >> + XT_EXTENSION_MAXNAMELEN - strlen(t->u.user.name)); > >No, you can't do this. > >After getting arptables userspace in sync with kernel headers, you can >see that: > >#define ARPT_FUNCTION_MAXNAMELEN XT_FUNCTION_MAXNAMELEN > >and: > >libarptc/libarptc.c:#define FUNCTION_MAXNAMELEN ARPT_FUNCTION_MAXNAMELEN > >You have to do it the way I suggested. > >Another motivation to make it the way I indicated is that this will be >in sync with iptables/ip6tables. > >Anyway, I have just pushed this branch: > >http://git.netfilter.org/arptables/log/?h=next > >to try to close this discussion. ok. thanks. >-- >To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in >the body of a message to majordomo@vger.kernel.org >More majordomo info at http://vger.kernel.org/majordomo-info.html ^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2015-04-17 1:39 UTC | newest] Thread overview: 9+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2015-04-07 2:45 [PATCH] Add NFPROTO_ARP for mark target Zhang Chunyu 2015-04-07 2:45 ` [PATCH] Add NFPROTO_ARP for mark Zhang Chunyu 2015-04-08 17:49 ` Pablo Neira Ayuso 2015-04-09 3:54 ` Zhang, Chunyu 2015-04-09 10:41 ` Pablo Neira Ayuso 2015-04-16 5:39 ` Zhang, Chunyu 2015-04-16 5:45 ` Zhang, Chunyu 2015-04-16 11:06 ` Pablo Neira Ayuso 2015-04-17 1:38 ` Zhang, Chunyu
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.