From: Jan Engelhardt <jengelh@medozas.de>
To: Eric Dumazet <eric.dumazet@gmail.com>
Cc: Patrick McHardy <kaber@trash.net>,
Netfilter Development Mailinglist
<netfilter-devel@vger.kernel.org>,
netdev <netdev@vger.kernel.org>
Subject: Re: [PATCH nf-next-2.6] netfilter: add xt_cpu match
Date: Thu, 22 Jul 2010 17:39:34 +0200 (CEST) [thread overview]
Message-ID: <alpine.LSU.2.01.1007221736150.12308@obet.zrqbmnf.qr> (raw)
In-Reply-To: <1279811939.2467.79.camel@edumazet-laptop>
On Thursday 2010-07-22 17:18, Eric Dumazet wrote:
>Le jeudi 22 juillet 2010 à 16:19 +0200, Jan Engelhardt a écrit :
>> On Thursday 2010-07-22 16:03, Eric Dumazet wrote:
>>
>> >This match is a bit strange, being packet content agnostic...
>> >+/*
>> >+ * Yes, packet content is not interesting for us, we only take care
>> >+ * of cpu handling this packet
>> >+ */
>>
>> That is not so strange after all, we have many packet agnostic matches:
>> xt_time, xt_condition, xt_IDLETIMER, xt_iface.
>> So this little comment looks a bit redundant.
>>
>> Or it seems that academia can't come up with enough new protocols in time that
>> we have to resort to do -m coffeemaker :)
>>
>> >@@ -0,0 +1,8 @@
>> >+#ifndef _XT_CPU_H
>> >+#define _XT_CPU_H
>> >+
>> >+struct xt_cpu_info {
>> >+ unsigned int cpu;
>> >+ int invert;
>> >+};
>> >+#endif /*_XT_MAC_H*/
>>
>> Please take a read in "Writing Netfilter Modules" e-book :-)
>> It will tell you that types other than fixed ones are a no-no.
>
>Ok, let's do that, but I doubt sizeof(int) can be different than 4 on a
>Linux 2.6 host right now.
Never say never. "long" already bit people in the past, and now we
have that CONFIG_COMPAT stuff.
If invert is the only flag, perhaps it makes sense to use __u8
for it.
>I prefer not doing the !!info->invert, and do the check only once.
>+static int cpu_mt_check(const struct xt_mtchk_param *par)
>+{
>+ const struct xt_cpu_info *info = par->matchinfo;
>+
>+ if (info->invert & ~1)
>+ return -EINVAL;
>+ return 0;
>+}
>+
>+static bool cpu_mt(const struct sk_buff *skb, struct xt_action_param *par)
>+{
>+ const struct xt_cpu_info *info = par->matchinfo;
>+
>+ return (info->cpu == smp_processor_id()) ^ info->invert;
>+}
That works nicely indeed. Do you anticipate any future flags?
next prev parent reply other threads:[~2010-07-22 15:39 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-07-22 14:03 [PATCH nf-next-2.6] netfilter: add xt_cpu match Eric Dumazet
2010-07-22 14:19 ` Jan Engelhardt
2010-07-22 15:18 ` Eric Dumazet
2010-07-22 15:39 ` Jan Engelhardt [this message]
2010-07-22 16:24 ` Eric Dumazet
2010-07-23 11:00 ` Patrick McHardy
2010-07-23 13:43 ` [PATCH iptables] extension: " Eric Dumazet
2010-07-23 14:13 ` Patrick McHardy
2010-07-23 16:46 ` Jan Engelhardt
2010-07-23 17:30 ` Eric Dumazet
2010-07-23 17:53 ` Jan Engelhardt
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=alpine.LSU.2.01.1007221736150.12308@obet.zrqbmnf.qr \
--to=jengelh@medozas.de \
--cc=eric.dumazet@gmail.com \
--cc=kaber@trash.net \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.