From: Florian Westphal <fw@strlen.de>
To: Pablo Neira Ayuso <pablo@netfilter.org>
Cc: netfilter-devel@vger.kernel.org, fw@strlen.de, mm@skelett.io
Subject: Re: [PATCH nft] src: revisit tcp options support
Date: Wed, 22 Feb 2017 15:09:34 +0100 [thread overview]
Message-ID: <20170222140934.GD11144@breakpoint.cc> (raw)
In-Reply-To: <1487768503-17023-1-git-send-email-pablo@netfilter.org>
Pablo Neira Ayuso <pablo@netfilter.org> wrote:
> Rework syntax, add tokens so we can extend the grammar more easily.
> This has triggered several syntax changes with regards to the original
> patch, specifically:
>
> tcp option sack0 left 1
>
> There is no space between sack and the block number anymore, no more
> offset field, now they are a single field. Just like we do with rt, rt0
> and rt2. This simplifies our grammar and that is good since it makes our
> life easier when extending it later on to accomodate new features.
>
> I have also renamed sack_permitted to sack-permitted. I couldn't find
> any option using underscore so far, so let's keep it consistent with
> what we have.
>
> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
> ---
> @Florian, @Manuel: I would appreciate an explicit review ack on this patch.
I am fine with 'sack-permitted' rename.
As for sack0 etc. I already said 'yuck', pointing at rt2 (not even
documented...) doesn't make it any more pretty to me, sorry.
I also still fail to see how this helps/improves grammar state,
all it does is removing
TCP OPTION STRING NUM tcp_option_field
and replacing
TCP OPTION STRING STRING
with
TCP OPTION option_tokens field_tokens
so user syntax is the same (aside from removal of the 'NUM')
version.
> @@ -2604,13 +2607,33 @@ inet filter meta nfproto ipv6 output rt nexthop fd00::1
> <entry>kind, length, count</entry>
> </row>
> <row>
> - <entry>sack_permitted</entry>
> + <entry>sack-permitted</entry>
> <entry>TCP SACK permitted</entry>
> <entry>kind, length</entry>
> </row>
> <row>
> <entry>sack</entry>
> - <entry>TCP Selective Acknowledgement</entry>
> + <entry>TCP Selective Acknowledgement (alias of block 0)</entry>
> + <entry>kind, length, left, right</entry>
> + </row>
> + <row>
> + <entry>sack0</entry>
> + <entry>TCP Selective Acknowledgement (block 0)</entry>
> + <entry>kind, length, left, right</entry>
> + </row>
> + <row>
> + <entry>sack1</entry>
> + <entry>TCP Selective Acknowledgement (block 1)</entry>
> + <entry>kind, length, left, right</entry>
Thats the thing, sack1 doesn't have kind or length. Afaics
tcp option sack2 length > 4 is identical to 'sack length', ok.
next prev parent reply other threads:[~2017-02-22 14:10 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-02-22 13:01 [PATCH nft] src: revisit tcp options support Pablo Neira Ayuso
2017-02-22 14:09 ` Florian Westphal [this message]
2017-02-22 15:33 ` Pablo Neira Ayuso
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170222140934.GD11144@breakpoint.cc \
--to=fw@strlen.de \
--cc=mm@skelett.io \
--cc=netfilter-devel@vger.kernel.org \
--cc=pablo@netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.