linux-kernel.vger.kernel.org archive mirror
From: "Michał Mirosław" <mirq-linux@rere.qmqm.pl>
To: netfilter-devel@lists.netfilter.org
Cc: linux-kernel@vger.kernel.org
Subject: Re: [PATCH 2.6.20 +0/14] nfnetlink_log: patch series season 2
Date: Mon, 12 Feb 2007 21:20:52 +0100
Message-ID: <20070212202052.GA28704@rere.qmqm.pl>
In-Reply-To: <20070212003738.GA8262@rere.qmqm.pl>

Dear list,

As it turned out, not all worms eating nfnetlink_log have been exterminated
by my last patch series. I'll append the next four patches to the end of the
series and I hope that it doesn't make your patching scripts unhappy.

Those patches fix two bugs and make two other code beautifications:

  11. procfs file handling - don't pass seq_file when you don't have to
* 12. nfulnl_recv_config() - don't modify what isn't there
* 13. __nfulnl_send() and friends - return your books timely
  14. __nfulnl_send() - don't prove the obvious

There are some other bugs I found that I'm looking for a fix for. One of them
is wrong /proc/net/netfilter/nfnetlink_log contents:

natownica:~# cat /proc/net/netfilter/nfnetlink_log
    0  -4100     0 2 65535    100  1
    2  -4099     2 2 65535    100  2
    4  15355     0 2 65535    100  1

Those three entries are created by a single ulogd2 listening in three
packet logging groups. I believe that's some problem with generating
the file contents because after shutting down ulogd they all disappear.

The two groups: 2, 4 are stuffed with packets by those iptables rules:

natownica:~# iptables-save |grep NFLOG
-A LOG_and_DROP_fakenet -m hashlimit --hashlimit 1/sec --hashlimit-mode \
	srcip --hashlimit-name fw_fakenet_src -j NFLOG --nflog-prefix \
	"fakenet" --nflog-group 2 --nflog-threshold 30
-A LOG_and_DROP_p2p -m hashlimit --hashlimit 1/sec --hashlimit-mode srcip \
	--hashlimit-name fw_p2p_src -j NFLOG --nflog-prefix "p2p" \
	--nflog-group 2 --nflog-threshold 30
-A invalid -m mark --mark 0x3000/0x3000 -j NFLOG --nflog-prefix \
	"nonregistered" --nflog-group 3
-A invalid -j NFLOG --nflog-prefix "invalid" --nflog-group 2

As you can see, there's no group 4 among the rules - 3 is. This seems to
be xt_NFLOG's fault, but I haven't looked there yet.

Greets,
Michal Miroslaw

