* PATCH iproute2] catch iptables interface changes
@ 2013-04-28 14:44 Jamal Hadi Salim
2013-05-04 15:57 ` Jamal Hadi Salim
` (2 more replies)
0 siblings, 3 replies; 5+ messages in thread
From: Jamal Hadi Salim @ 2013-04-28 14:44 UTC (permalink / raw)
To: shemminger; +Cc: netdev, Jan Engelhardt, Pablo Neira Ayuso
[-- Attachment #1: Type: text/plain, Size: 95 bytes --]
Thanks to Jan for this suggestion.
Hopefully this would ease some of the pain.
cheers,
jamal
[-- Attachment #2: catch-ipt-upgrade --]
[-- Type: text/plain, Size: 815 bytes --]
commit ba9b18dbcad853e22ea2b8ecf87d53ef2f6cf58c
Author: Jamal Hadi Salim <jhs@mojatatu.com>
Date: Sun Apr 28 07:41:47 2013 -0400
Detect future iptable changes interfaces earlier in the dev
cycles. Hopefully someone is going to complain about such breakage
and we'll get the fix in sooner.
Signed-off-by: Jamal Hadi Salim <jhs@mojatatu.com>
diff --git a/tc/m_xt.c b/tc/m_xt.c
index 3edf520..b266337 100644
--- a/tc/m_xt.c
+++ b/tc/m_xt.c
@@ -129,6 +129,10 @@ static int parse_ipt(struct action_util *a,int *argc_p,
__u32 hook = 0, index = 0;
struct option *opts = NULL;
+#if (XTABLES_VERSION_CODE > 7)
+#error Someone call the guy who changed xtables ver 7 and \
+ make him fix it^W^W^W^W say you need help.
+#endif
xtables_init_all(&tcipt_globals, NFPROTO_IPV4);
set_lib_dir();
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: PATCH iproute2] catch iptables interface changes
2013-04-28 14:44 PATCH iproute2] catch iptables interface changes Jamal Hadi Salim
@ 2013-05-04 15:57 ` Jamal Hadi Salim
2013-05-06 15:09 ` Stephen Hemminger
2013-05-06 16:53 ` Pablo Neira Ayuso
2 siblings, 0 replies; 5+ messages in thread
From: Jamal Hadi Salim @ 2013-05-04 15:57 UTC (permalink / raw)
To: shemminger; +Cc: netdev, Jan Engelhardt, Pablo Neira Ayuso
On 13-04-28 10:44 AM, Jamal Hadi Salim wrote:
>
> Thanks to Jan for this suggestion.
> Hopefully this would ease some of the pain.
>
> cheers,
> jamal
Stephen,
Please include this patch. I just pulled and i dont see it
there.
cheers,
jamal
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: PATCH iproute2] catch iptables interface changes
2013-04-28 14:44 PATCH iproute2] catch iptables interface changes Jamal Hadi Salim
2013-05-04 15:57 ` Jamal Hadi Salim
@ 2013-05-06 15:09 ` Stephen Hemminger
2013-05-06 16:53 ` Pablo Neira Ayuso
2 siblings, 0 replies; 5+ messages in thread
From: Stephen Hemminger @ 2013-05-06 15:09 UTC (permalink / raw)
To: Jamal Hadi Salim; +Cc: shemminger, netdev, Jan Engelhardt, Pablo Neira Ayuso
On Sun, 28 Apr 2013 10:44:38 -0400
Jamal Hadi Salim <jhs@mojatatu.com> wrote:
>
> Thanks to Jan for this suggestion.
> Hopefully this would ease some of the pain.
>
> cheers,
> jamal
Any feedback from the netfilter team? Is this right?
I would prefer to change wording of the error to something more professional.
It may trigger 15 years from now and everybody around forgot what that meant.
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: PATCH iproute2] catch iptables interface changes
2013-04-28 14:44 PATCH iproute2] catch iptables interface changes Jamal Hadi Salim
2013-05-04 15:57 ` Jamal Hadi Salim
2013-05-06 15:09 ` Stephen Hemminger
@ 2013-05-06 16:53 ` Pablo Neira Ayuso
2013-05-06 17:23 ` Jan Engelhardt
2 siblings, 1 reply; 5+ messages in thread
From: Pablo Neira Ayuso @ 2013-05-06 16:53 UTC (permalink / raw)
To: Jamal Hadi Salim; +Cc: shemminger, netdev, Jan Engelhardt
On Sun, Apr 28, 2013 at 10:44:38AM -0400, Jamal Hadi Salim wrote:
> commit ba9b18dbcad853e22ea2b8ecf87d53ef2f6cf58c
> Author: Jamal Hadi Salim <jhs@mojatatu.com>
> Date: Sun Apr 28 07:41:47 2013 -0400
>
> Detect future iptable changes interfaces earlier in the dev
> cycles. Hopefully someone is going to complain about such breakage
> and we'll get the fix in sooner.
>
> Signed-off-by: Jamal Hadi Salim <jhs@mojatatu.com>
>
> diff --git a/tc/m_xt.c b/tc/m_xt.c
> index 3edf520..b266337 100644
> --- a/tc/m_xt.c
> +++ b/tc/m_xt.c
> @@ -129,6 +129,10 @@ static int parse_ipt(struct action_util *a,int *argc_p,
> __u32 hook = 0, index = 0;
> struct option *opts = NULL;
>
> +#if (XTABLES_VERSION_CODE > 7)
> +#error Someone call the guy who changed xtables ver 7 and \
> + make him fix it^W^W^W^W say you need help.
> +#endif
BTW, iptables 1.4.19 (that will be released soon) will be
XTABLES_VERSION_CODE == 10:
libxtables_vcurrent=10
libxtables_vage=0
XTABLES_VERSION_CODE = libxtables_vcurrent - libxtables_vage
iptables 1.4.19 -> 10
iptables 1.4.18 -> 10
iptables 1.4.17 -> 9
iptables 1.4.16.3 -> 9
[ seems like we have skip one by accident ]
iptables 1.4.15 -> 7
So this error that Jamal proposes will be hit soon again by users. But
I don't think all those API updates affect xt action though. There is
a limited amount of functions that xt action uses.
Let me think if I can come with a better idea.
Regards.
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: PATCH iproute2] catch iptables interface changes
2013-05-06 16:53 ` Pablo Neira Ayuso
@ 2013-05-06 17:23 ` Jan Engelhardt
0 siblings, 0 replies; 5+ messages in thread
From: Jan Engelhardt @ 2013-05-06 17:23 UTC (permalink / raw)
To: Pablo Neira Ayuso; +Cc: Jamal Hadi Salim, shemminger, netdev
On Monday 2013-05-06 18:53, Pablo Neira Ayuso wrote:
>
>XTABLES_VERSION_CODE = libxtables_vcurrent - libxtables_vage
>
>iptables 1.4.19 -> 10
>iptables 1.4.18 -> 10
>iptables 1.4.17 -> 9
>iptables 1.4.16.3 -> 9
>[ seems like we have skip one by accident ]
>iptables 1.4.15 -> 7
No accident here. We had 7:0:0, 8:0:1, 9:0:2/9:0:0.
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2013-05-06 17:23 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2013-04-28 14:44 PATCH iproute2] catch iptables interface changes Jamal Hadi Salim
2013-05-04 15:57 ` Jamal Hadi Salim
2013-05-06 15:09 ` Stephen Hemminger
2013-05-06 16:53 ` Pablo Neira Ayuso
2013-05-06 17:23 ` Jan Engelhardt
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).