* [PATCH] Add NFPROTO_ARP for mark target
@ 2015-04-07 2:45 Zhang Chunyu
2015-04-07 2:45 ` [PATCH] Add NFPROTO_ARP for mark Zhang Chunyu
0 siblings, 1 reply; 9+ messages in thread
From: Zhang Chunyu @ 2015-04-07 2:45 UTC (permalink / raw)
To: netfilter-devel; +Cc: Zhang Chunyu
this patch is for arptables --set-mark
http://www.spinics.net/lists/netfilter-devel/msg35913.html
Zhang Chunyu (1):
Add NFPROTO_ARP for mark
net/netfilter/xt_mark.c | 31 +++++++++++++++++++++----------
1 file changed, 21 insertions(+), 10 deletions(-)
--
1.7.12.4
^ permalink raw reply [flat|nested] 9+ messages in thread
* [PATCH] Add NFPROTO_ARP for mark
2015-04-07 2:45 [PATCH] Add NFPROTO_ARP for mark target Zhang Chunyu
@ 2015-04-07 2:45 ` Zhang Chunyu
2015-04-08 17:49 ` Pablo Neira Ayuso
0 siblings, 1 reply; 9+ messages in thread
From: Zhang Chunyu @ 2015-04-07 2:45 UTC (permalink / raw)
To: netfilter-devel; +Cc: Zhang Chunyu
need add NFPROTO_ARP and MODULE_ALIAS for arptables -mark
Signed-off-by: Zhang Chunyu <zhangcy@cn.fujitsu.com>
---
net/netfilter/xt_mark.c | 31 +++++++++++++++++++++----------
1 file changed, 21 insertions(+), 10 deletions(-)
diff --git a/net/netfilter/xt_mark.c b/net/netfilter/xt_mark.c
index 2334523..5778062 100644
--- a/net/netfilter/xt_mark.c
+++ b/net/netfilter/xt_mark.c
@@ -23,6 +23,7 @@ MODULE_ALIAS("ipt_mark");
MODULE_ALIAS("ip6t_mark");
MODULE_ALIAS("ipt_MARK");
MODULE_ALIAS("ip6t_MARK");
+MODULE_ALIAS("arpt_MARK");
static unsigned int
mark_tg(struct sk_buff *skb, const struct xt_action_param *par)
@@ -41,13 +42,23 @@ mark_mt(const struct sk_buff *skb, struct xt_action_param *par)
return ((skb->mark & info->mask) == info->mark) ^ info->invert;
}
-static struct xt_target mark_tg_reg __read_mostly = {
- .name = "MARK",
- .revision = 2,
- .family = NFPROTO_UNSPEC,
- .target = mark_tg,
- .targetsize = sizeof(struct xt_mark_tginfo2),
- .me = THIS_MODULE,
+static struct xt_target mark_tg_reg[] __read_mostly = {
+ {
+ .name = "MARK",
+ .revision = 2,
+ .family = NFPROTO_UNSPEC,
+ .target = mark_tg,
+ .targetsize = sizeof(struct xt_mark_tginfo2),
+ .me = THIS_MODULE,
+ },
+ {
+ .name = "MARK",
+ .revision = 2,
+ .family = NFPROTO_ARP,
+ .target = mark_tg,
+ .targetsize = sizeof(struct xt_mark_tginfo2),
+ .me = THIS_MODULE,
+ }
};
static struct xt_match mark_mt_reg __read_mostly = {
@@ -63,12 +74,12 @@ static int __init mark_mt_init(void)
{
int ret;
- ret = xt_register_target(&mark_tg_reg);
+ ret = xt_register_targets(mark_tg_reg, ARRAY_SIZE(mark_tg_reg));
if (ret < 0)
return ret;
ret = xt_register_match(&mark_mt_reg);
if (ret < 0) {
- xt_unregister_target(&mark_tg_reg);
+ xt_unregister_targets(mark_tg_reg, ARRAY_SIZE(mark_tg_reg));
return ret;
}
return 0;
@@ -77,7 +88,7 @@ static int __init mark_mt_init(void)
static void __exit mark_mt_exit(void)
{
xt_unregister_match(&mark_mt_reg);
- xt_unregister_target(&mark_tg_reg);
+ xt_unregister_targets(mark_tg_reg, ARRAY_SIZE(mark_tg_reg));
}
module_init(mark_mt_init);
--
1.7.12.4
^ permalink raw reply related [flat|nested] 9+ messages in thread
* Re: [PATCH] Add NFPROTO_ARP for mark
2015-04-07 2:45 ` [PATCH] Add NFPROTO_ARP for mark Zhang Chunyu
@ 2015-04-08 17:49 ` Pablo Neira Ayuso
2015-04-09 3:54 ` Zhang, Chunyu
0 siblings, 1 reply; 9+ messages in thread
From: Pablo Neira Ayuso @ 2015-04-08 17:49 UTC (permalink / raw)
To: Zhang Chunyu; +Cc: netfilter-devel
On Mon, Apr 06, 2015 at 10:45:16PM -0400, Zhang Chunyu wrote:
> need add NFPROTO_ARP and MODULE_ALIAS for arptables -mark
>
> Signed-off-by: Zhang Chunyu <zhangcy@cn.fujitsu.com>
> ---
> net/netfilter/xt_mark.c | 31 +++++++++++++++++++++----------
> 1 file changed, 21 insertions(+), 10 deletions(-)
>
> diff --git a/net/netfilter/xt_mark.c b/net/netfilter/xt_mark.c
> index 2334523..5778062 100644
> --- a/net/netfilter/xt_mark.c
> +++ b/net/netfilter/xt_mark.c
> @@ -23,6 +23,7 @@ MODULE_ALIAS("ipt_mark");
> MODULE_ALIAS("ip6t_mark");
> MODULE_ALIAS("ipt_MARK");
> MODULE_ALIAS("ip6t_MARK");
> +MODULE_ALIAS("arpt_MARK");
This little change above is fine.
> static unsigned int
> mark_tg(struct sk_buff *skb, const struct xt_action_param *par)
> @@ -41,13 +42,23 @@ mark_mt(const struct sk_buff *skb, struct xt_action_param *par)
> return ((skb->mark & info->mask) == info->mark) ^ info->invert;
> }
>
> -static struct xt_target mark_tg_reg __read_mostly = {
> - .name = "MARK",
> - .revision = 2,
> - .family = NFPROTO_UNSPEC,
> - .target = mark_tg,
> - .targetsize = sizeof(struct xt_mark_tginfo2),
> - .me = THIS_MODULE,
> +static struct xt_target mark_tg_reg[] __read_mostly = {
> + {
> + .name = "MARK",
> + .revision = 2,
> + .family = NFPROTO_UNSPEC,
> + .target = mark_tg,
> + .targetsize = sizeof(struct xt_mark_tginfo2),
> + .me = THIS_MODULE,
> + },
> + {
> + .name = "MARK",
> + .revision = 2,
> + .family = NFPROTO_ARP,
> + .target = mark_tg,
> + .targetsize = sizeof(struct xt_mark_tginfo2),
> + .me = THIS_MODULE,
> + }
> };
You don't need this.
The problem is here that your patch:
http://patchwork.ozlabs.org/patch/455966/
is missing this chunk:
diff --git a/libarptc/libarptc_incl.c b/libarptc/libarptc_incl.c
index a034930..87404ce 100644
--- a/libarptc/libarptc_incl.c
+++ b/libarptc/libarptc_incl.c
@@ -872,7 +872,7 @@ map_target(const TC_HANDLE_T handle,
/* memset to all 0 for your memcmp convenience. */
memset(t->u.user.name + strlen(t->u.user.name),
0,
- FUNCTION_MAXNAMELEN - strlen(t->u.user.name));
+ FUNCTION_MAXNAMELEN - 1 - strlen(t->u.user.name));
return 1;
}
Otherwise, the revision number is zeroed.
And you don't need: http://patchwork.ozlabs.org/patch/455965/.
Please, rebase your userspace patches on top of current arptables git
and resubmit. Thanks.
^ permalink raw reply related [flat|nested] 9+ messages in thread
* Re: Re: [PATCH] Add NFPROTO_ARP for mark
2015-04-08 17:49 ` Pablo Neira Ayuso
@ 2015-04-09 3:54 ` Zhang, Chunyu
2015-04-09 10:41 ` Pablo Neira Ayuso
0 siblings, 1 reply; 9+ messages in thread
From: Zhang, Chunyu @ 2015-04-09 3:54 UTC (permalink / raw)
To: pablo; +Cc: netfilter-devel
>From: Pablo Neira Ayuso
>Date: 2015-04-09
>To: Zhang, Chunyu/章 春宇
>Subject: Re: [PATCH] Add NFPROTO_ARP for mark
>
>On Mon, Apr 06, 2015 at 10:45:16PM -0400, Zhang Chunyu wrote:
>> need add NFPROTO_ARP and MODULE_ALIAS for arptables -mark
>>
>> Signed-off-by: Zhang Chunyu <zhangcy@cn.fujitsu.com>
>> ---
>> net/netfilter/xt_mark.c | 31 +++++++++++++++++++++----------
>> 1 file changed, 21 insertions(+), 10 deletions(-)
>>
>> diff --git a/net/netfilter/xt_mark.c b/net/netfilter/xt_mark.c
>> index 2334523..5778062 100644
>> --- a/net/netfilter/xt_mark.c
>> +++ b/net/netfilter/xt_mark.c
>> @@ -23,6 +23,7 @@ MODULE_ALIAS("ipt_mark");
>> MODULE_ALIAS("ip6t_mark");
>> MODULE_ALIAS("ipt_MARK");
>> MODULE_ALIAS("ip6t_MARK");
>> +MODULE_ALIAS("arpt_MARK");
>
>This little change above is fine.
>
>> static unsigned int
>> mark_tg(struct sk_buff *skb, const struct xt_action_param *par)
>> @@ -41,13 +42,23 @@ mark_mt(const struct sk_buff *skb, struct xt_action_param *par)
>> return ((skb->mark & info->mask) == info->mark) ^ info->invert;
>> }
>>
>> -static struct xt_target mark_tg_reg __read_mostly = {
>> - .name = "MARK",
>> - .revision = 2,
>> - .family = NFPROTO_UNSPEC,
>> - .target = mark_tg,
>> - .targetsize = sizeof(struct xt_mark_tginfo2),
>> - .me = THIS_MODULE,
>> +static struct xt_target mark_tg_reg[] __read_mostly = {
>> + {
>> + .name = "MARK",
>> + .revision = 2,
>> + .family = NFPROTO_UNSPEC,
>> + .target = mark_tg,
>> + .targetsize = sizeof(struct xt_mark_tginfo2),
>> + .me = THIS_MODULE,
>> + },
>> + {
>> + .name = "MARK",
>> + .revision = 2,
>> + .family = NFPROTO_ARP,
>> + .target = mark_tg,
>> + .targetsize = sizeof(struct xt_mark_tginfo2),
>> + .me = THIS_MODULE,
>> + }
>> };
>
>You don't need this.
>
>The problem is here that your patch:
>
>http://patchwork.ozlabs.org/patch/455966/
>
>is missing this chunk:
>
>diff --git a/libarptc/libarptc_incl.c b/libarptc/libarptc_incl.c
>index a034930..87404ce 100644
>--- a/libarptc/libarptc_incl.c
>+++ b/libarptc/libarptc_incl.c
>@@ -872,7 +872,7 @@ map_target(const TC_HANDLE_T handle,
> /* memset to all 0 for your memcmp convenience. */
> memset(t->u.user.name + strlen(t->u.user.name),
> 0,
>- FUNCTION_MAXNAMELEN - strlen(t->u.user.name));
>+ FUNCTION_MAXNAMELEN - 1 - strlen(t->u.user.name));
> return 1;
> }
>
>Otherwise, the revision number is zeroed.
>
>And you don't need: http://patchwork.ozlabs.org/patch/455965/.
>
>Please, rebase your userspace patches on top of current arptables git
>and resubmit. Thanks.
get it 。will do。
why arptables --set-mark can work , when add NFPROTO_ARP to xt_mark ?
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: Re: [PATCH] Add NFPROTO_ARP for mark
2015-04-09 3:54 ` Zhang, Chunyu
@ 2015-04-09 10:41 ` Pablo Neira Ayuso
2015-04-16 5:39 ` Zhang, Chunyu
0 siblings, 1 reply; 9+ messages in thread
From: Pablo Neira Ayuso @ 2015-04-09 10:41 UTC (permalink / raw)
To: Zhang, Chunyu; +Cc: netfilter-devel
On Thu, Apr 09, 2015 at 03:54:33AM +0000, Zhang, Chunyu wrote:
> >From: Pablo Neira Ayuso
> >Date: 2015-04-09
> >To: Zhang, Chunyu/章 春宇
> >Subject: Re: [PATCH] Add NFPROTO_ARP for mark
[...]
> >> @@ -41,13 +42,23 @@ mark_mt(const struct sk_buff *skb, struct xt_action_param *par)
> >> return ((skb->mark & info->mask) == info->mark) ^ info->invert;
> >> }
> >>
> >> -static struct xt_target mark_tg_reg __read_mostly = {
> >> - .name = "MARK",
> >> - .revision = 2,
> >> - .family = NFPROTO_UNSPEC,
> >> - .target = mark_tg,
> >> - .targetsize = sizeof(struct xt_mark_tginfo2),
> >> - .me = THIS_MODULE,
> >> +static struct xt_target mark_tg_reg[] __read_mostly = {
> >> + {
> >> + .name = "MARK",
> >> + .revision = 2,
> >> + .family = NFPROTO_UNSPEC,
> >> + .target = mark_tg,
> >> + .targetsize = sizeof(struct xt_mark_tginfo2),
> >> + .me = THIS_MODULE,
> >> + },
> >> + {
> >> + .name = "MARK",
> >> + .revision = 2,
> >> + .family = NFPROTO_ARP,
> >> + .target = mark_tg,
> >> + .targetsize = sizeof(struct xt_mark_tginfo2),
> >> + .me = THIS_MODULE,
> >> + }
> >> };
> >
> >You don't need this.
> >
> >The problem is here that your patch:
> >
> >http://patchwork.ozlabs.org/patch/455966/
> >
> >is missing this chunk:
> >
> >diff --git a/libarptc/libarptc_incl.c b/libarptc/libarptc_incl.c
> >index a034930..87404ce 100644
> >--- a/libarptc/libarptc_incl.c
> >+++ b/libarptc/libarptc_incl.c
> >@@ -872,7 +872,7 @@ map_target(const TC_HANDLE_T handle,
> > /* memset to all 0 for your memcmp convenience. */
> > memset(t->u.user.name + strlen(t->u.user.name),
> > 0,
> >- FUNCTION_MAXNAMELEN - strlen(t->u.user.name));
> >+ FUNCTION_MAXNAMELEN - 1 - strlen(t->u.user.name));
> > return 1;
> > }
> >
> >Otherwise, the revision number is zeroed.
> >
> >And you don't need: http://patchwork.ozlabs.org/patch/455965/.
> >
> >Please, rebase your userspace patches on top of current arptables git
> >and resubmit. Thanks.
>
> get it 。will do。
> why arptables --set-mark can work , when add NFPROTO_ARP to xt_mark ?
I guess you're still using the userspace patches you sent.
If you rebase on top of current arptables HEAD, that will not work.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: Re: [PATCH] Add NFPROTO_ARP for mark
2015-04-09 10:41 ` Pablo Neira Ayuso
@ 2015-04-16 5:39 ` Zhang, Chunyu
2015-04-16 5:45 ` Zhang, Chunyu
2015-04-16 11:06 ` Pablo Neira Ayuso
0 siblings, 2 replies; 9+ messages in thread
From: Zhang, Chunyu @ 2015-04-16 5:39 UTC (permalink / raw)
To: pablo; +Cc: netfilter-devel
hi pablo
>From: Pablo Neira Ayuso
>Date: 2015-04-09
>To: Zhang, Chunyu/章 春宇
>Subject: Re: Re: [PATCH] Add NFPROTO_ARP for mark
>
>On Thu, Apr 09, 2015 at 03:54:33AM +0000, Zhang, Chunyu wrote:
>> >From: Pablo Neira Ayuso
>> >Date: 2015-04-09
>> >To: Zhang, Chunyu/章 春宇
>> >Subject: Re: [PATCH] Add NFPROTO_ARP for mark
>[...]
>> >> @@ -41,13 +42,23 @@ mark_mt(const struct sk_buff *skb, struct xt_action_param *par)
>> >> return ((skb->mark & info->mask) == info->mark) ^ info->invert;
>> >> }
>> >>
>> >> -static struct xt_target mark_tg_reg __read_mostly = {
>> >> - .name = "MARK",
>> >> - .revision = 2,
>> >> - .family = NFPROTO_UNSPEC,
>> >> - .target = mark_tg,
>> >> - .targetsize = sizeof(struct xt_mark_tginfo2),
>> >> - .me = THIS_MODULE,
>> >> +static struct xt_target mark_tg_reg[] __read_mostly = {
>> >> + {
>> >> + .name = "MARK",
>> >> + .revision = 2,
>> >> + .family = NFPROTO_UNSPEC,
>> >> + .target = mark_tg,
>> >> + .targetsize = sizeof(struct xt_mark_tginfo2),
>> >> + .me = THIS_MODULE,
>> >> + },
>> >> + {
>> >> + .name = "MARK",
>> >> + .revision = 2,
>> >> + .family = NFPROTO_ARP,
>> >> + .target = mark_tg,
>> >> + .targetsize = sizeof(struct xt_mark_tginfo2),
>> >> + .me = THIS_MODULE,
>> >> + }
>> >> };
>> >
>> >You don't need this.
>> >
>> >The problem is here that your patch:
>> >
>> >http://patchwork.ozlabs.org/patch/455966/
>> >
>> >is missing this chunk:
>> >
>> >diff --git a/libarptc/libarptc_incl.c b/libarptc/libarptc_incl.c
>> >index a034930..87404ce 100644
>> >--- a/libarptc/libarptc_incl.c
>> >+++ b/libarptc/libarptc_incl.c
>> >@@ -872,7 +872,7 @@ map_target(const TC_HANDLE_T handle,
>> > /* memset to all 0 for your memcmp convenience. */
>> > memset(t->u.user.name + strlen(t->u.user.name),
>> > 0,
>> >- FUNCTION_MAXNAMELEN - strlen(t->u.user.name));
>> >+ FUNCTION_MAXNAMELEN - 1 - strlen(t->u.user.name));
>> > return 1;
>> > }
1.
maybe should change like this?
diff --git a/libarptc/libarptc_incl.c b/libarptc/libarptc_incl.c
index a034930..4049cbd 100644
--- a/libarptc/libarptc_incl.c
+++ b/libarptc/libarptc_incl.c
@@ -872,7 +872,7 @@ map_target(const TC_HANDLE_T handle,
/* memset to all 0 for your memcmp convenience. */
memset(t->u.user.name + strlen(t->u.user.name),
0,
- FUNCTION_MAXNAMELEN - strlen(t->u.user.name));
+ XT_EXTENSION_MAXNAMELEN - strlen(t->u.user.name));
return 1;
}
2. mabye have other 4 places should change ?
arptables.c:2330: if (chain && strlen(chain) > ARPT_FUNCTION_MAXNAMELEN)
arptables.c:2333: chain, ARPT_FUNCTION_MAXNAMELEN);
include/linux/netfilter/x_tables.h:71: char errorname[XT_FUNCTION_MAXNAMELEN];
libarptc/libarptc_incl.c:827: memset(t->target.u.user.name, 0, FUNCTION_MAXNAMELEN);
>> >
>> >Otherwise, the revision number is zeroed.
>> >
>> >And you don't need: http://patchwork.ozlabs.org/patch/455965/.
>> >
>> >Please, rebase your userspace patches on top of current arptables git
>> >and resubmit. Thanks.
>>
>> get it 。will do。
>> why arptables --set-mark can work , when add NFPROTO_ARP to xt_mark ?
>
>I guess you're still using the userspace patches you sent.
>
>If you rebase on top of current arptables HEAD, that will not work.
^ permalink raw reply related [flat|nested] 9+ messages in thread
* Re: Re: [PATCH] Add NFPROTO_ARP for mark
2015-04-16 5:39 ` Zhang, Chunyu
@ 2015-04-16 5:45 ` Zhang, Chunyu
2015-04-16 11:06 ` Pablo Neira Ayuso
1 sibling, 0 replies; 9+ messages in thread
From: Zhang, Chunyu @ 2015-04-16 5:45 UTC (permalink / raw)
To: pablo; +Cc: netfilter-devel
>From: netfilter-devel-owner
>Date: 2015-04-16
>To: pablo@netfilter.org
>Subject: Re: Re: [PATCH] Add NFPROTO_ARP for mark
>
>
>hi pablo
>
>>From: Pablo Neira Ayuso
>>Date: 2015-04-09
>>To: Zhang, Chunyu/章 春宇
>>Subject: Re: Re: [PATCH] Add NFPROTO_ARP for mark
>>
>>On Thu, Apr 09, 2015 at 03:54:33AM +0000, Zhang, Chunyu wrote:
>>> >From: Pablo Neira Ayuso
>>> >Date: 2015-04-09
>>> >To: Zhang, Chunyu/章 春宇
>>> >Subject: Re: [PATCH] Add NFPROTO_ARP for mark
>>[...]
>>> >> @@ -41,13 +42,23 @@ mark_mt(const struct sk_buff *skb, struct xt_action_param *par)
>>> >> return ((skb->mark & info->mask) == info->mark) ^ info->invert;
>>> >> }
>>> >>
>>> >> -static struct xt_target mark_tg_reg __read_mostly = {
>>> >> - .name = "MARK",
>>> >> - .revision = 2,
>>> >> - .family = NFPROTO_UNSPEC,
>>> >> - .target = mark_tg,
>>> >> - .targetsize = sizeof(struct xt_mark_tginfo2),
>>> >> - .me = THIS_MODULE,
>>> >> +static struct xt_target mark_tg_reg[] __read_mostly = {
>>> >> + {
>>> >> + .name = "MARK",
>>> >> + .revision = 2,
>>> >> + .family = NFPROTO_UNSPEC,
>>> >> + .target = mark_tg,
>>> >> + .targetsize = sizeof(struct xt_mark_tginfo2),
>>> >> + .me = THIS_MODULE,
>>> >> + },
>>> >> + {
>>> >> + .name = "MARK",
>>> >> + .revision = 2,
>>> >> + .family = NFPROTO_ARP,
>>> >> + .target = mark_tg,
>>> >> + .targetsize = sizeof(struct xt_mark_tginfo2),
>>> >> + .me = THIS_MODULE,
>>> >> + }
>>> >> };
>>> >
>>> >You don't need this.
>>> >
>>> >The problem is here that your patch:
>>> >
>>> >http://patchwork.ozlabs.org/patch/455966/
>>> >
>>> >is missing this chunk:
>>> >
>>> >diff --git a/libarptc/libarptc_incl.c b/libarptc/libarptc_incl.c
>>> >index a034930..87404ce 100644
>>> >--- a/libarptc/libarptc_incl.c
>>> >+++ b/libarptc/libarptc_incl.c
>>> >@@ -872,7 +872,7 @@ map_target(const TC_HANDLE_T handle,
>>> > /* memset to all 0 for your memcmp convenience. */
>>> > memset(t->u.user.name + strlen(t->u.user.name),
>>> > 0,
>>> >- FUNCTION_MAXNAMELEN - strlen(t->u.user.name));
>>> >+ FUNCTION_MAXNAMELEN - 1 - strlen(t->u.user.name));
>>> > return 1;
>>> > }
>
>1.
>maybe should change like this?
>
>diff --git a/libarptc/libarptc_incl.c b/libarptc/libarptc_incl.c
>index a034930..4049cbd 100644
>--- a/libarptc/libarptc_incl.c
>+++ b/libarptc/libarptc_incl.c
>@@ -872,7 +872,7 @@ map_target(const TC_HANDLE_T handle,
> /* memset to all 0 for your memcmp convenience. */
> memset(t->u.user.name + strlen(t->u.user.name),
> 0,
>- FUNCTION_MAXNAMELEN - strlen(t->u.user.name));
>+ XT_EXTENSION_MAXNAMELEN - strlen(t->u.user.name));
> return 1;
> }
>
>2. mabye have other 4 places should change ?
>arptables.c:2330: if (chain && strlen(chain) > ARPT_FUNCTION_MAXNAMELEN)
>arptables.c:2333: chain, ARPT_FUNCTION_MAXNAMELEN);
>include/linux/netfilter/x_tables.h:71: char errorname[XT_FUNCTION_MAXNAMELEN];
>libarptc/libarptc_incl.c:827: memset(t->target.u.user.name, 0, FUNCTION_MAXNAMELEN);
or change like this :
diff --git a/libarptc/libarptc.c b/libarptc/libarptc.c
index 0025a75..19b73d0 100644
--- a/libarptc/libarptc.c
+++ b/libarptc/libarptc.c
@@ -47,7 +47,7 @@ typedef unsigned int socklen_t;
#define ENTRY_ITERATE ARPT_ENTRY_ITERATE
#define TABLE_MAXNAMELEN ARPT_TABLE_MAXNAMELEN
-#define FUNCTION_MAXNAMELEN ARPT_FUNCTION_MAXNAMELEN
+#define FUNCTION_MAXNAMELEN XT_EXTENSION_MAXNAMELEN
#define GET_TARGET arpt_get_target
>>> >
>>> >Otherwise, the revision number is zeroed.
>>> >
>>> >And you don't need: http://patchwork.ozlabs.org/patch/455965/.
>>> >
>>> >Please, rebase your userspace patches on top of current arptables git
>>> >and resubmit. Thanks.
>>>
>>> get it 。will do。
>>> why arptables --set-mark can work , when add NFPROTO_ARP to xt_mark ?
>>
>>I guess you're still using the userspace patches you sent.
>>
>>If you rebase on top of current arptables HEAD, that will not work.N�����r��y���b�X��ǧv�^�){.n�+���z��u�ޖ)���w*\x1fjg���\x1e�����ݢj/���z�ޖ��2�ޙ���&�)ߡ�a��\x7f��\x1e�G���h�\x0f�j:+v���w�٥
^ permalink raw reply related [flat|nested] 9+ messages in thread
* Re: Re: [PATCH] Add NFPROTO_ARP for mark
2015-04-16 5:39 ` Zhang, Chunyu
2015-04-16 5:45 ` Zhang, Chunyu
@ 2015-04-16 11:06 ` Pablo Neira Ayuso
2015-04-17 1:38 ` Zhang, Chunyu
1 sibling, 1 reply; 9+ messages in thread
From: Pablo Neira Ayuso @ 2015-04-16 11:06 UTC (permalink / raw)
To: Zhang, Chunyu; +Cc: netfilter-devel
On Thu, Apr 16, 2015 at 05:39:31AM +0000, Zhang, Chunyu wrote:
>
> hi pablo
>
> >From: Pablo Neira Ayuso
> >Date: 2015-04-09
> >To: Zhang, Chunyu/章 春宇
> >Subject: Re: Re: [PATCH] Add NFPROTO_ARP for mark
> >
> >On Thu, Apr 09, 2015 at 03:54:33AM +0000, Zhang, Chunyu wrote:
> >> >From: Pablo Neira Ayuso
> >> >Date: 2015-04-09
> >> >To: Zhang, Chunyu/章 春宇
> >> >Subject: Re: [PATCH] Add NFPROTO_ARP for mark
> >[...]
> >> >> @@ -41,13 +42,23 @@ mark_mt(const struct sk_buff *skb, struct xt_action_param *par)
> >> >> return ((skb->mark & info->mask) == info->mark) ^ info->invert;
> >> >> }
> >> >>
> >> >> -static struct xt_target mark_tg_reg __read_mostly = {
> >> >> - .name = "MARK",
> >> >> - .revision = 2,
> >> >> - .family = NFPROTO_UNSPEC,
> >> >> - .target = mark_tg,
> >> >> - .targetsize = sizeof(struct xt_mark_tginfo2),
> >> >> - .me = THIS_MODULE,
> >> >> +static struct xt_target mark_tg_reg[] __read_mostly = {
> >> >> + {
> >> >> + .name = "MARK",
> >> >> + .revision = 2,
> >> >> + .family = NFPROTO_UNSPEC,
> >> >> + .target = mark_tg,
> >> >> + .targetsize = sizeof(struct xt_mark_tginfo2),
> >> >> + .me = THIS_MODULE,
> >> >> + },
> >> >> + {
> >> >> + .name = "MARK",
> >> >> + .revision = 2,
> >> >> + .family = NFPROTO_ARP,
> >> >> + .target = mark_tg,
> >> >> + .targetsize = sizeof(struct xt_mark_tginfo2),
> >> >> + .me = THIS_MODULE,
> >> >> + }
> >> >> };
> >> >
> >> >You don't need this.
> >> >
> >> >The problem is here that your patch:
> >> >
> >> >http://patchwork.ozlabs.org/patch/455966/
> >> >
> >> >is missing this chunk:
> >> >
> >> >diff --git a/libarptc/libarptc_incl.c b/libarptc/libarptc_incl.c
> >> >index a034930..87404ce 100644
> >> >--- a/libarptc/libarptc_incl.c
> >> >+++ b/libarptc/libarptc_incl.c
> >> >@@ -872,7 +872,7 @@ map_target(const TC_HANDLE_T handle,
> >> > /* memset to all 0 for your memcmp convenience. */
> >> > memset(t->u.user.name + strlen(t->u.user.name),
> >> > 0,
> >> >- FUNCTION_MAXNAMELEN - strlen(t->u.user.name));
> >> >+ FUNCTION_MAXNAMELEN - 1 - strlen(t->u.user.name));
> >> > return 1;
> >> > }
>
> 1.
> maybe should change like this?
>
> diff --git a/libarptc/libarptc_incl.c b/libarptc/libarptc_incl.c
> index a034930..4049cbd 100644
> --- a/libarptc/libarptc_incl.c
> +++ b/libarptc/libarptc_incl.c
> @@ -872,7 +872,7 @@ map_target(const TC_HANDLE_T handle,
> /* memset to all 0 for your memcmp convenience. */
> memset(t->u.user.name + strlen(t->u.user.name),
> 0,
> - FUNCTION_MAXNAMELEN - strlen(t->u.user.name));
> + XT_EXTENSION_MAXNAMELEN - strlen(t->u.user.name));
No, you can't do this.
After getting arptables userspace in sync with kernel headers, you can
see that:
#define ARPT_FUNCTION_MAXNAMELEN XT_FUNCTION_MAXNAMELEN
and:
libarptc/libarptc.c:#define FUNCTION_MAXNAMELEN ARPT_FUNCTION_MAXNAMELEN
You have to do it the way I suggested.
Another motivation to make it the way I indicated is that this will be
in sync with iptables/ip6tables.
Anyway, I have just pushed this branch:
http://git.netfilter.org/arptables/log/?h=next
to try to close this discussion.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: Re: [PATCH] Add NFPROTO_ARP for mark
2015-04-16 11:06 ` Pablo Neira Ayuso
@ 2015-04-17 1:38 ` Zhang, Chunyu
0 siblings, 0 replies; 9+ messages in thread
From: Zhang, Chunyu @ 2015-04-17 1:38 UTC (permalink / raw)
To: pablo; +Cc: netfilter-devel
>From: netfilter-devel-owner
>Date: 2015-04-16
>To: Zhang, Chunyu/章 春宇
>Subject: Re: Re: [PATCH] Add NFPROTO_ARP for mark
>
>On Thu, Apr 16, 2015 at 05:39:31AM +0000, Zhang, Chunyu wrote:
>>
>> hi pablo
>>
>> >From: Pablo Neira Ayuso
>> >Date: 2015-04-09
>> >To: Zhang, Chunyu/章 春宇
>> >Subject: Re: Re: [PATCH] Add NFPROTO_ARP for mark
>> >
>> >On Thu, Apr 09, 2015 at 03:54:33AM +0000, Zhang, Chunyu wrote:
>> >> >From: Pablo Neira Ayuso
>> >> >Date: 2015-04-09
>> >> >To: Zhang, Chunyu/章 春宇
>> >> >Subject: Re: [PATCH] Add NFPROTO_ARP for mark
>> >[...]
>> >> >> @@ -41,13 +42,23 @@ mark_mt(const struct sk_buff *skb, struct xt_action_param *par)
>> >> >> return ((skb->mark & info->mask) == info->mark) ^ info->invert;
>> >> >> }
>> >> >>
>> >> >> -static struct xt_target mark_tg_reg __read_mostly = {
>> >> >> - .name = "MARK",
>> >> >> - .revision = 2,
>> >> >> - .family = NFPROTO_UNSPEC,
>> >> >> - .target = mark_tg,
>> >> >> - .targetsize = sizeof(struct xt_mark_tginfo2),
>> >> >> - .me = THIS_MODULE,
>> >> >> +static struct xt_target mark_tg_reg[] __read_mostly = {
>> >> >> + {
>> >> >> + .name = "MARK",
>> >> >> + .revision = 2,
>> >> >> + .family = NFPROTO_UNSPEC,
>> >> >> + .target = mark_tg,
>> >> >> + .targetsize = sizeof(struct xt_mark_tginfo2),
>> >> >> + .me = THIS_MODULE,
>> >> >> + },
>> >> >> + {
>> >> >> + .name = "MARK",
>> >> >> + .revision = 2,
>> >> >> + .family = NFPROTO_ARP,
>> >> >> + .target = mark_tg,
>> >> >> + .targetsize = sizeof(struct xt_mark_tginfo2),
>> >> >> + .me = THIS_MODULE,
>> >> >> + }
>> >> >> };
>> >> >
>> >> >You don't need this.
>> >> >
>> >> >The problem is here that your patch:
>> >> >
>> >> >http://patchwork.ozlabs.org/patch/455966/
>> >> >
>> >> >is missing this chunk:
>> >> >
>> >> >diff --git a/libarptc/libarptc_incl.c b/libarptc/libarptc_incl.c
>> >> >index a034930..87404ce 100644
>> >> >--- a/libarptc/libarptc_incl.c
>> >> >+++ b/libarptc/libarptc_incl.c
>> >> >@@ -872,7 +872,7 @@ map_target(const TC_HANDLE_T handle,
>> >> > /* memset to all 0 for your memcmp convenience. */
>> >> > memset(t->u.user.name + strlen(t->u.user.name),
>> >> > 0,
>> >> >- FUNCTION_MAXNAMELEN - strlen(t->u.user.name));
>> >> >+ FUNCTION_MAXNAMELEN - 1 - strlen(t->u.user.name));
>> >> > return 1;
>> >> > }
>>
>> 1.
>> maybe should change like this?
>>
>> diff --git a/libarptc/libarptc_incl.c b/libarptc/libarptc_incl.c
>> index a034930..4049cbd 100644
>> --- a/libarptc/libarptc_incl.c
>> +++ b/libarptc/libarptc_incl.c
>> @@ -872,7 +872,7 @@ map_target(const TC_HANDLE_T handle,
>> /* memset to all 0 for your memcmp convenience. */
>> memset(t->u.user.name + strlen(t->u.user.name),
>> 0,
>> - FUNCTION_MAXNAMELEN - strlen(t->u.user.name));
>> + XT_EXTENSION_MAXNAMELEN - strlen(t->u.user.name));
>
>No, you can't do this.
>
>After getting arptables userspace in sync with kernel headers, you can
>see that:
>
>#define ARPT_FUNCTION_MAXNAMELEN XT_FUNCTION_MAXNAMELEN
>
>and:
>
>libarptc/libarptc.c:#define FUNCTION_MAXNAMELEN ARPT_FUNCTION_MAXNAMELEN
>
>You have to do it the way I suggested.
>
>Another motivation to make it the way I indicated is that this will be
>in sync with iptables/ip6tables.
>
>Anyway, I have just pushed this branch:
>
>http://git.netfilter.org/arptables/log/?h=next
>
>to try to close this discussion.
ok. thanks.
>--
>To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
>the body of a message to majordomo@vger.kernel.org
>More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2015-04-17 1:39 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2015-04-07 2:45 [PATCH] Add NFPROTO_ARP for mark target Zhang Chunyu
2015-04-07 2:45 ` [PATCH] Add NFPROTO_ARP for mark Zhang Chunyu
2015-04-08 17:49 ` Pablo Neira Ayuso
2015-04-09 3:54 ` Zhang, Chunyu
2015-04-09 10:41 ` Pablo Neira Ayuso
2015-04-16 5:39 ` Zhang, Chunyu
2015-04-16 5:45 ` Zhang, Chunyu
2015-04-16 11:06 ` Pablo Neira Ayuso
2015-04-17 1:38 ` Zhang, Chunyu
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.