All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH] iptables: use skb->len for accounting
@ 2010-07-23  3:34 Changli Gao
  2010-07-23  6:29 ` Eric Dumazet
  2010-07-23 14:25 ` Patrick McHardy
  0 siblings, 2 replies; 7+ messages in thread
From: Changli Gao @ 2010-07-23  3:34 UTC (permalink / raw)
  To: Patrick McHardy; +Cc: David S. Miller, netfilter-devel, netdev, Changli Gao

iptables: use skb->len for accounting

use skb->len for accounting as xt_quota does.

Signed-off-by: Changli Gao <xiaosuo@gmail.com>
----
 net/ipv4/netfilter/ip_tables.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c
index b38c118..3c584a6 100644
--- a/net/ipv4/netfilter/ip_tables.c
+++ b/net/ipv4/netfilter/ip_tables.c
@@ -364,7 +364,7 @@ ipt_do_table(struct sk_buff *skb,
 				goto no_match;
 		}
 
-		ADD_COUNTER(e->counters, ntohs(ip->tot_len), 1);
+		ADD_COUNTER(e->counters, skb->len, 1);
 
 		t = ipt_get_target(e);
 		IP_NF_ASSERT(t->u.kernel.target);

^ permalink raw reply related	[flat|nested] 7+ messages in thread
* Re: [PATCH] iptables: use skb->len for accounting
  2010-07-23  3:34 [PATCH] iptables: use skb->len for accounting Changli Gao
@ 2010-07-23  6:29 ` Eric Dumazet
  2010-07-23  6:47   ` Changli Gao
  2010-07-23 14:25 ` Patrick McHardy
  1 sibling, 1 reply; 7+ messages in thread
From: Eric Dumazet @ 2010-07-23  6:29 UTC (permalink / raw)
  To: Changli Gao; +Cc: Patrick McHardy, David S. Miller, netfilter-devel, netdev

Le vendredi 23 juillet 2010 à 11:34 +0800, Changli Gao a écrit :
> iptables: use skb->len for accounting
> 
> use skb->len for accounting as xt_quota does.
> 

Why ?

This is a gratuitous change, unless you have very strong arguments.

xt_quota is an exception, dont change all others because of it !

It is about actual data on wire, including overhead (excess bytes after
IP frame if any).

But IP tables accounting is about IP only.

> Signed-off-by: Changli Gao <xiaosuo@gmail.com>
> ----
>  net/ipv4/netfilter/ip_tables.c |    2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c
> index b38c118..3c584a6 100644
> --- a/net/ipv4/netfilter/ip_tables.c
> +++ b/net/ipv4/netfilter/ip_tables.c
> @@ -364,7 +364,7 @@ ipt_do_table(struct sk_buff *skb,
>  				goto no_match;
>  		}
>  
> -		ADD_COUNTER(e->counters, ntohs(ip->tot_len), 1);
> +		ADD_COUNTER(e->counters, skb->len, 1);
>  
>  		t = ipt_get_target(e);
>  		IP_NF_ASSERT(t->u.kernel.target);
> --



--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

^ permalink raw reply	[flat|nested] 7+ messages in thread
* Re: [PATCH] iptables: use skb->len for accounting
  2010-07-23  6:29 ` Eric Dumazet
@ 2010-07-23  6:47   ` Changli Gao
  2010-07-23  6:58     ` Eric Dumazet
  0 siblings, 1 reply; 7+ messages in thread
From: Changli Gao @ 2010-07-23  6:47 UTC (permalink / raw)
  To: Eric Dumazet; +Cc: Patrick McHardy, David S. Miller, netfilter-devel, netdev

On Fri, Jul 23, 2010 at 2:29 PM, Eric Dumazet <eric.dumazet@gmail.com> wrote:
> Le vendredi 23 juillet 2010 à 11:34 +0800, Changli Gao a écrit :
>> iptables: use skb->len for accounting
>>
>> use skb->len for accounting as xt_quota does.
>>
>
> Why ?
>
> This is a gratuitous change, unless you have very strong arguments.
>
> xt_quota is an exception, dont change all others because of it !

exception ? Why ?

>
> It is about actual data on wire, including overhead (excess bytes after
> IP frame if any).
>
> But IP tables accounting is about IP only.
>

Is the assumption that: the packets in netfilter have the padding
bytes removed, and skb->data points to the network header? Thanks.

-- 
Regards,
Changli Gao(xiaosuo@gmail.com)
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

^ permalink raw reply	[flat|nested] 7+ messages in thread
* Re: [PATCH] iptables: use skb->len for accounting
  2010-07-23  6:47   ` Changli Gao
@ 2010-07-23  6:58     ` Eric Dumazet
  2010-07-23 11:49       ` Patrick McHardy
  0 siblings, 1 reply; 7+ messages in thread
From: Eric Dumazet @ 2010-07-23  6:58 UTC (permalink / raw)
  To: Changli Gao; +Cc: Patrick McHardy, David S. Miller, netfilter-devel, netdev

Le vendredi 23 juillet 2010 à 14:47 +0800, Changli Gao a écrit :
> On Fri, Jul 23, 2010 at 2:29 PM, Eric Dumazet <eric.dumazet@gmail.com> wrote:
> > Le vendredi 23 juillet 2010 à 11:34 +0800, Changli Gao a écrit :
> >> iptables: use skb->len for accounting
> >>
> >> use skb->len for accounting as xt_quota does.
> >>
> >
> > Why ?
> >
> > This is a gratuitous change, unless you have very strong arguments.
> >
> > xt_quota is an exception, dont change all others because of it !
> 
> exception ? Why ?

Because it handles all protocols...

So skb->len is a shortcut, an approximation if you want.

At IPV4 level, ip->tot_len is an exact value.




^ permalink raw reply	[flat|nested] 7+ messages in thread
* Re: [PATCH] iptables: use skb->len for accounting
  2010-07-23  6:58     ` Eric Dumazet
@ 2010-07-23 11:49       ` Patrick McHardy
  2010-07-23 12:14         ` Eric Dumazet
  0 siblings, 1 reply; 7+ messages in thread
From: Patrick McHardy @ 2010-07-23 11:49 UTC (permalink / raw)
  To: Eric Dumazet; +Cc: Changli Gao, David S. Miller, netfilter-devel, netdev

On 23.07.2010 08:58, Eric Dumazet wrote:
> Le vendredi 23 juillet 2010 à 14:47 +0800, Changli Gao a écrit :
>> On Fri, Jul 23, 2010 at 2:29 PM, Eric Dumazet <eric.dumazet@gmail.com> wrote:
>>> Le vendredi 23 juillet 2010 à 11:34 +0800, Changli Gao a écrit :
>>>> iptables: use skb->len for accounting
>>>>
>>>> use skb->len for accounting as xt_quota does.
>>>>
>>>
>>> Why ?
>>>
>>> This is a gratuitous change, unless you have very strong arguments.
>>>
>>> xt_quota is an exception, dont change all others because of it !
>>
>> exception ? Why ?
> 
> Because it handles all protocols...
> 
> So skb->len is a shortcut, an approximation if you want.
> 
> At IPV4 level, ip->tot_len is an exact value.

Actually skb->len is also exact at the IPv4 level. I'm inclined
to apply this patch for consistency with ip6_tables, where using
skb->len fixes jumbo frame accounting.


^ permalink raw reply	[flat|nested] 7+ messages in thread
* Re: [PATCH] iptables: use skb->len for accounting
  2010-07-23 11:49       ` Patrick McHardy
@ 2010-07-23 12:14         ` Eric Dumazet
  0 siblings, 0 replies; 7+ messages in thread
From: Eric Dumazet @ 2010-07-23 12:14 UTC (permalink / raw)
  To: Patrick McHardy; +Cc: Changli Gao, David S. Miller, netfilter-devel, netdev

Le vendredi 23 juillet 2010 à 13:49 +0200, Patrick McHardy a écrit :


> Actually skb->len is also exact at the IPv4 level. I'm inclined
> to apply this patch for consistency with ip6_tables, where using
> skb->len fixes jumbo frame accounting.
> 

Thats right.

I was confused by recent problem raised with UDP checksums.

But pskb_trim_rcsum() is indeed called from ip_rcv() so
skb->len == ntohs(iph->tot_len)

Thanks


--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

^ permalink raw reply	[flat|nested] 7+ messages in thread
* Re: [PATCH] iptables: use skb->len for accounting
  2010-07-23  3:34 [PATCH] iptables: use skb->len for accounting Changli Gao
  2010-07-23  6:29 ` Eric Dumazet
@ 2010-07-23 14:25 ` Patrick McHardy
  1 sibling, 0 replies; 7+ messages in thread
From: Patrick McHardy @ 2010-07-23 14:25 UTC (permalink / raw)
  To: Changli Gao; +Cc: David S. Miller, netfilter-devel, netdev

On 23.07.2010 05:34, Changli Gao wrote:
> iptables: use skb->len for accounting
> 
> use skb->len for accounting as xt_quota does.
> 

Applied, thanks.

^ permalink raw reply	[flat|nested] 7+ messages in thread
end of thread, other threads:[~2010-07-23 14:25 UTC | newest]

Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2010-07-23  3:34 [PATCH] iptables: use skb->len for accounting Changli Gao
2010-07-23  6:29 ` Eric Dumazet
2010-07-23  6:47   ` Changli Gao
2010-07-23  6:58     ` Eric Dumazet
2010-07-23 11:49       ` Patrick McHardy
2010-07-23 12:14         ` Eric Dumazet
2010-07-23 14:25 ` Patrick McHardy

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.