Re: [PATCH] filter: add SKF_AD_NLATTR_NEST to look for nested attributes

All of lore.kernel.org
 help / color / mirror / Atom feed

From: David Miller <davem@davemloft.net>
To: pablo@netfilter.org
Cc: netdev@vger.kernel.org, netfilter-devel@vger.kernel.org, kaber@trash.net
Subject: Re: [PATCH] filter: add SKF_AD_NLATTR_NEST to look for nested attributes
Date: Mon, 17 Nov 2008 00:36:22 -0800 (PST)	[thread overview]
Message-ID: <20081117.003622.132924683.davem@davemloft.net> (raw)
In-Reply-To: <20081117083136.10840.70283.stgit@Decadence>

From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Mon, 17 Nov 2008 09:31:37 +0100

> SKF_AD_NLATTR allows us to find the first matching attribute in a
> stream of netlink attributes from one offset to the end of the
> netlink message. This is not suitable to look for a specific
> matching inside a set of nested attributes.
> 
> For example, in ctnetlink messages, if we look for the CTA_V6_SRC
> attribute in a message that talks about an IPv4 connection,
> SKF_AD_NLATTR returns the offset of CTA_STATUS which has the same
> value of CTA_V6_SRC but outside the nest. To differenciate
> CTA_STATUS and CTA_V6_SRC, we would have to make assumptions on the
> size of the attribute and the usual offset, resulting in horrible
> BSF code.
> 
> This patch adds SKF_AD_NLATTR_NEST, which is a variant of
> SKF_AD_NLATTR, that looks for an attribute inside the limits of
> a nested attributes, but not further.
> 
> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

This looks fine to me, Patrick is it ok with you too?

If Patrick has no objections I'll apply it to net-next-2.6

next prev parent reply	other threads:[~2008-11-17  8:36 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2008-11-17  8:31 [PATCH] filter: add SKF_AD_NLATTR_NEST to look for nested attributes Pablo Neira Ayuso
2008-11-17  8:36 ` David Miller [this message]
2008-11-17 14:35   ` Patrick McHardy
  -- strict thread matches above, loose matches on Subject: below --
2008-11-18  3:01 Pablo Neira Ayuso
2008-11-18 10:49 ` Patrick McHardy
2008-11-20  8:49   ` David Miller

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20081117.003622.132924683.davem@davemloft.net \
    --to=davem@davemloft.net \
    --cc=kaber@trash.net \
    --cc=netdev@vger.kernel.org \
    --cc=netfilter-devel@vger.kernel.org \
    --cc=pablo@netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.