All of lore.kernel.org
 help / color / mirror / Atom feed
* Ipset kernel module functions
@ 2016-02-23  4:28 Gadre Nayan
  2016-02-23  9:25 ` Jozsef Kadlecsik
  0 siblings, 1 reply; 4+ messages in thread
From: Gadre Nayan @ 2016-02-23  4:28 UTC (permalink / raw)
  To: netfilter

Dear All,

I am trying to understand the IPSET modules in linux kernel 4.3.
Particularly Macset.
In the source file: /net/netfilter/ipset/ip_set_hash_mac.c

I have few questions:

1. What is the purpose of HTYPE, it is not getting used further.

/* Type specific function prefix */
         #define HTYPE           hash_mac

2. What is the purpose of MTYPE.
          #define MTYPE           hash_mac4

3. Why 2 different functions are used. KADT and UADT. I understand ADT
is Add delete, Test and K and U might be Kernel space and User space.
But what is different operation of KADT and UADT.

4. Who calls Kadt in kernel space. How is UADT called from User space.

Sorry for being too questioning here. I need some direction to
understand this further.

Thanks and Regards
Gadre Nayan

^ permalink raw reply	[flat|nested] 4+ messages in thread
* Re: Ipset kernel module functions
  2016-02-23  4:28 Ipset kernel module functions Gadre Nayan
@ 2016-02-23  9:25 ` Jozsef Kadlecsik
  2016-02-23 23:27   ` Gadre Nayan
  0 siblings, 1 reply; 4+ messages in thread
From: Jozsef Kadlecsik @ 2016-02-23  9:25 UTC (permalink / raw)
  To: Gadre Nayan; +Cc: netfilter

On Tue, 23 Feb 2016, Gadre Nayan wrote:

> I am trying to understand the IPSET modules in linux kernel 4.3. 
> Particularly Macset. In the source file: 
> /net/netfilter/ipset/ip_set_hash_mac.c
> 
> I have few questions:
> 
> 1. What is the purpose of HTYPE, it is not getting used further.
> 
> /* Type specific function prefix */
>          #define HTYPE           hash_mac
> 
> 2. What is the purpose of MTYPE.
>           #define MTYPE           hash_mac4

Most of the functions are generated and the macros are used in the 
included ip_set_hash_gen.h file. HTYPE is used for the IPv4/IPv6 
independent functions while MTYPE required for the IPv4, IPv6 specific 
ones.

> 3. Why 2 different functions are used. KADT and UADT. I understand ADT
> is Add delete, Test and K and U might be Kernel space and User space.
> But what is different operation of KADT and UADT.

Those are the kernel and userspace common routines for add, del and test 
elements. The functions are separated because the input comes in different 
forms: in the userspace case in netlink attributes, while in the kernel 
case through the API.

> 4. Who calls Kadt in kernel space. How is UADT called from User space.

The kadt functions are called from the kernel part interfaces (ip_set_add, 
etc) while the uadt ones from ip_set_uadd, etc (see ip_set_core.c). Please 
note uadt functions are NOT called in userspace: the functions work on 
data sent FROM userspace.

Best regards,
Jozsef
-
E-mail  : kadlec@blackhole.kfki.hu, kadlecsik.jozsef@wigner.mta.hu
PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt
Address : Wigner Research Centre for Physics, Hungarian Academy of Sciences
          H-1525 Budapest 114, POB. 49, Hungary

^ permalink raw reply	[flat|nested] 4+ messages in thread
* Re: Ipset kernel module functions
  2016-02-23  9:25 ` Jozsef Kadlecsik
@ 2016-02-23 23:27   ` Gadre Nayan
  2016-02-24  9:13     ` Jozsef Kadlecsik
  0 siblings, 1 reply; 4+ messages in thread
From: Gadre Nayan @ 2016-02-23 23:27 UTC (permalink / raw)
  To: Jozsef Kadlecsik, netfilter

Hi,

Thank you for the explanation. So, I was tracing the user space source
and I had few questions regarding the Netlink messages sent from User
space.

1. The command gets transformed into Netlink Message in
ipset_cmd(session, enum cmd, lineno) ---> lib/session.c

I see the attributes getting created. So which BUS id (Subsystem ID)
in Netlink is this message send to ?

2. If I have to trace this command Netlink message in Kernel source,
where can I start loooking. (I would typically start at the subsystem
registration) so where can this IPSET subsystem be registered and
parsed.

Thanks and Regards
Gadre Nayan A

On Tue, Feb 23, 2016 at 2:55 PM, Jozsef Kadlecsik
<kadlec@blackhole.kfki.hu> wrote:
> On Tue, 23 Feb 2016, Gadre Nayan wrote:
>
>> I am trying to understand the IPSET modules in linux kernel 4.3.
>> Particularly Macset. In the source file:
>> /net/netfilter/ipset/ip_set_hash_mac.c
>>
>> I have few questions:
>>
>> 1. What is the purpose of HTYPE, it is not getting used further.
>>
>> /* Type specific function prefix */
>>          #define HTYPE           hash_mac
>>
>> 2. What is the purpose of MTYPE.
>>           #define MTYPE           hash_mac4
>
> Most of the functions are generated and the macros are used in the
> included ip_set_hash_gen.h file. HTYPE is used for the IPv4/IPv6
> independent functions while MTYPE required for the IPv4, IPv6 specific
> ones.
>
>> 3. Why 2 different functions are used. KADT and UADT. I understand ADT
>> is Add delete, Test and K and U might be Kernel space and User space.
>> But what is different operation of KADT and UADT.
>
> Those are the kernel and userspace common routines for add, del and test
> elements. The functions are separated because the input comes in different
> forms: in the userspace case in netlink attributes, while in the kernel
> case through the API.
>
>> 4. Who calls Kadt in kernel space. How is UADT called from User space.
>
> The kadt functions are called from the kernel part interfaces (ip_set_add,
> etc) while the uadt ones from ip_set_uadd, etc (see ip_set_core.c). Please
> note uadt functions are NOT called in userspace: the functions work on
> data sent FROM userspace.
>
> Best regards,
> Jozsef
> -
> E-mail  : kadlec@blackhole.kfki.hu, kadlecsik.jozsef@wigner.mta.hu
> PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt
> Address : Wigner Research Centre for Physics, Hungarian Academy of Sciences
>           H-1525 Budapest 114, POB. 49, Hungary

^ permalink raw reply	[flat|nested] 4+ messages in thread
* Re: Ipset kernel module functions
  2016-02-23 23:27   ` Gadre Nayan
@ 2016-02-24  9:13     ` Jozsef Kadlecsik
  0 siblings, 0 replies; 4+ messages in thread
From: Jozsef Kadlecsik @ 2016-02-24  9:13 UTC (permalink / raw)
  To: Gadre Nayan; +Cc: netfilter

On Wed, 24 Feb 2016, Gadre Nayan wrote:

> I had few questions regarding the Netlink messages sent from User space.
> 
> 1. The command gets transformed into Netlink Message in
> ipset_cmd(session, enum cmd, lineno) ---> lib/session.c
> 
> I see the attributes getting created. So which BUS id (Subsystem ID)
> in Netlink is this message send to ?

ipset uses NETLINK_NETFILTER netlink socket bus id and inside nfnetlink it 
has its own NFNL_SUBSYS_IPSET subsystem id.
 
> 2. If I have to trace this command Netlink message in Kernel source, 
> where can I start loooking. (I would typically start at the subsystem 
> registration) so where can this IPSET subsystem be registered and 
> parsed.

The registration happens in ip_set_core.c (nfnetlink_subsys_register()) 
and the message parser functions are actually callbacks, hooked into 
nfnetlink (ip_set_netlink_subsys_cb[]). If you want to follow the whole 
processing path, then start at netlink, then nfnetlink and after that 
comes ipset.

Best regards,
Jozsef
-
E-mail  : kadlec@blackhole.kfki.hu, kadlecsik.jozsef@wigner.mta.hu
PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt
Address : Wigner Research Centre for Physics, Hungarian Academy of Sciences
          H-1525 Budapest 114, POB. 49, Hungary

^ permalink raw reply	[flat|nested] 4+ messages in thread
end of thread, other threads:[~2016-02-24  9:13 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-02-23  4:28 Ipset kernel module functions Gadre Nayan
2016-02-23  9:25 ` Jozsef Kadlecsik
2016-02-23 23:27   ` Gadre Nayan
2016-02-24  9:13     ` Jozsef Kadlecsik

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.