From: Pablo Neira Ayuso <pablo@netfilter.org>
To: "Anthony G. Basile" <basile@opensource.dyc.edu>
Cc: davem@davemloft.net, kaber@trash.net, blueness@gentoo.org,
gurligebis@gentoo.org, base-system@gentoo.org, kernel@gentoo.org,
toolchain@gentoo.org, mchehab@redhat.com, hverkuil@xs4all.nl,
laurent.pinchart@ideasonboard.com, arnd@arndb.de,
eparis@redhat.com, netfilter-devel@vger.kernel.org
Subject: Re: [PATCH] netfilter: install nf_nat.h and nf_conntrack_tuple.h to INSTALL_HDR_PATH
Date: Wed, 28 Sep 2011 23:37:54 +0200 [thread overview]
Message-ID: <20110928213754.GD2761@1984> (raw)
In-Reply-To: <4E78B253.7060502@opensource.dyc.edu>
On Tue, Sep 20, 2011 at 11:33:39AM -0400, Anthony G. Basile wrote:
> Sorry for the delay in responding, real life.
>
> What I did in that last patch was just grab nf_nat.h and
> nf_contrack_tupple.h from iptables source tree at include/net/netfilter
> plus minor changes. I didn't look for the minimum of what iptables and
> miniupnpd need.
>
> Here's a possibility that works, move nf_conntrack_man_proto to nf_nat.h
> and only export that header with:
I guess, you mean the new include/linux/netfilter/nf_nat.h file, right?
> #define IP_NAT_RANGE_MAP_IPS 1
> ...
>
> union nf_conntrack_man_proto {
> __be16 all;
> struct { __be16 port } tcp;
> ...
> }
If you want to keep the "port" field, I'd prefer something like:
union nf_conntrack_man_proto {
__be16 port;
__be16 icmp_id;
__be16 gre_key;
};
And propagate the changes to the corresponding .c files.
> struct nf_nat_range {
> ...
> union nf_conntrack_man_proto min, max;
> };
>
> struct nf_nat_multi_range_compat { ... }
>
> #define nf_nat_multi_range nf_nat_multi_range_compat
>
> This is the minimum that iptables and miniupnpd need to compile.
>
> Does this look like a workable solution?
Close to it, but please change union nf_conntrack_man_proto to what I
suggested.
Thanks!
next prev parent reply other threads:[~2011-09-28 21:37 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-09-09 0:16 [PATCH] netfilter: install nf_nat.h and nf_conntrack_tuple.h to INSTALL_HDR_PATH Anthony G. Basile
2011-09-12 8:38 ` Pablo Neira Ayuso
2011-09-12 9:19 ` Pablo Neira Ayuso
2011-09-20 15:33 ` Anthony G. Basile
2011-09-28 21:37 ` Pablo Neira Ayuso [this message]
2011-09-29 21:03 ` Anthony G. Basile
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20110928213754.GD2761@1984 \
--to=pablo@netfilter.org \
--cc=arnd@arndb.de \
--cc=base-system@gentoo.org \
--cc=basile@opensource.dyc.edu \
--cc=blueness@gentoo.org \
--cc=davem@davemloft.net \
--cc=eparis@redhat.com \
--cc=gurligebis@gentoo.org \
--cc=hverkuil@xs4all.nl \
--cc=kaber@trash.net \
--cc=kernel@gentoo.org \
--cc=laurent.pinchart@ideasonboard.com \
--cc=mchehab@redhat.com \
--cc=netfilter-devel@vger.kernel.org \
--cc=toolchain@gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.