[PATCH] iptables: iptables-compat translation for TCPMSS

All of lore.kernel.org
 help / color / mirror / Atom feed

* [PATCH] iptables: iptables-compat translation for TCPMSS
@ 2017-10-15 11:31 Aastha Gupta
  2017-10-15 11:36 ` [Outreachy kernel] " Julia Lawall
  2017-10-15 11:39 ` Pablo Neira Ayuso
  0 siblings, 2 replies; 6+ messages in thread
From: Aastha Gupta @ 2017-10-15 11:31 UTC (permalink / raw)
  To: outreachy-kernel, pablo; +Cc: Aastha Gupta

Since path mtu support was added, we can now add
iptables-compat translation for TCPMSS extension.

Signed-off-by: Aastha Gupta <aastha.gupta4104@gmail.com>
---
 extensions/libxt_TCPMSS.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/extensions/libxt_TCPMSS.c b/extensions/libxt_TCPMSS.c
index 4b71e44..7f65298 100644
--- a/extensions/libxt_TCPMSS.c
+++ b/extensions/libxt_TCPMSS.c
@@ -91,6 +91,17 @@ static void TCPMSS_save(const void *ip, const struct xt_entry_target *target)
 		printf(" --set-mss %u", mssinfo->mss);
 }
 
+static int TCPMSS_xlate(struct xt_xlate *xl,
+						 const struct xt_xlate_tg_params *params)
+{
+	const struct xt_tcpmss_info *mssinfo =
+		(const struct xt_tcpmss_info *)params->target->data;
+	if(mssinfo->mss == XT_TCPMSS_CLAMP_PMTU)
+		xt_xlate_add(xl, "tcp option maxseg size set rt mtu");
+
+	return 1;
+}
+
 static struct xtables_target tcpmss_tg_reg[] = {
 	{
 		.family        = NFPROTO_IPV4,
@@ -104,6 +115,7 @@ static struct xtables_target tcpmss_tg_reg[] = {
 		.x6_parse      = TCPMSS_parse,
 		.x6_fcheck     = TCPMSS_check,
 		.x6_options    = TCPMSS4_opts,
+		.xlate		   = TCPMSS_xlate,
 	},
 	{
 		.family        = NFPROTO_IPV6,
-- 
2.7.4



^ permalink raw reply related	[flat|nested] 6+ messages in thread

* Re: [Outreachy kernel] [PATCH] iptables: iptables-compat translation for TCPMSS
  2017-10-15 11:31 [PATCH] iptables: iptables-compat translation for TCPMSS Aastha Gupta
@ 2017-10-15 11:36 ` Julia Lawall
  2017-10-15 11:59   ` Aastha Gupta
  2017-10-15 12:08   ` Aastha Gupta
  2017-10-15 11:39 ` Pablo Neira Ayuso
  1 sibling, 2 replies; 6+ messages in thread
From: Julia Lawall @ 2017-10-15 11:36 UTC (permalink / raw)
  To: Aastha Gupta; +Cc: outreachy-kernel, pablo



On Sun, 15 Oct 2017, Aastha Gupta wrote:

> Since path mtu support was added, we can now add
> iptables-compat translation for TCPMSS extension.
>
> Signed-off-by: Aastha Gupta <aastha.gupta4104@gmail.com>
> ---
>  extensions/libxt_TCPMSS.c | 12 ++++++++++++
>  1 file changed, 12 insertions(+)
>
> diff --git a/extensions/libxt_TCPMSS.c b/extensions/libxt_TCPMSS.c
> index 4b71e44..7f65298 100644
> --- a/extensions/libxt_TCPMSS.c
> +++ b/extensions/libxt_TCPMSS.c
> @@ -91,6 +91,17 @@ static void TCPMSS_save(const void *ip, const struct xt_entry_target *target)
>  		printf(" --set-mss %u", mssinfo->mss);
>  }
>
> +static int TCPMSS_xlate(struct xt_xlate *xl,
> +						 const struct xt_xlate_tg_params *params)

The argument list seems to be quite oddly formatted.  Line the second line
up with the right side of the (

> +{
> +	const struct xt_tcpmss_info *mssinfo =
> +		(const struct xt_tcpmss_info *)params->target->data;

Is the cast really necessary?  It should not be necessary if the data
field has type void *.

> +	if(mssinfo->mss == XT_TCPMSS_CLAMP_PMTU)

Kernel code requires a space after if

> +		xt_xlate_add(xl, "tcp option maxseg size set rt mtu");
> +
> +	return 1;
> +}
> +
>  static struct xtables_target tcpmss_tg_reg[] = {
>  	{
>  		.family        = NFPROTO_IPV4,
> @@ -104,6 +115,7 @@ static struct xtables_target tcpmss_tg_reg[] = {
>  		.x6_parse      = TCPMSS_parse,
>  		.x6_fcheck     = TCPMSS_check,
>  		.x6_options    = TCPMSS4_opts,
> +		.xlate		   = TCPMSS_xlate,

Follow the same alignment strategy as for the other fields.

julia

>  	},
>  	{
>  		.family        = NFPROTO_IPV6,
> --
> 2.7.4
>
> --
> You received this message because you are subscribed to the Google Groups "outreachy-kernel" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to outreachy-kernel+unsubscribe@googlegroups.com.
> To post to this group, send email to outreachy-kernel@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/outreachy-kernel/1508067107-13649-1-git-send-email-aastha.gupta4104%40gmail.com.
> For more options, visit https://groups.google.com/d/optout.
>


^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH] iptables: iptables-compat translation for TCPMSS
  2017-10-15 11:31 [PATCH] iptables: iptables-compat translation for TCPMSS Aastha Gupta
  2017-10-15 11:36 ` [Outreachy kernel] " Julia Lawall
@ 2017-10-15 11:39 ` Pablo Neira Ayuso
  1 sibling, 0 replies; 6+ messages in thread
From: Pablo Neira Ayuso @ 2017-10-15 11:39 UTC (permalink / raw)
  To: Aastha Gupta; +Cc: outreachy-kernel

On Sun, Oct 15, 2017 at 05:01:47PM +0530, Aastha Gupta wrote:
> Since path mtu support was added, we can now add
> iptables-compat translation for TCPMSS extension.
> 
> Signed-off-by: Aastha Gupta <aastha.gupta4104@gmail.com>
> ---
>  extensions/libxt_TCPMSS.c | 12 ++++++++++++
>  1 file changed, 12 insertions(+)
> 
> diff --git a/extensions/libxt_TCPMSS.c b/extensions/libxt_TCPMSS.c
> index 4b71e44..7f65298 100644
> --- a/extensions/libxt_TCPMSS.c
> +++ b/extensions/libxt_TCPMSS.c
> @@ -91,6 +91,17 @@ static void TCPMSS_save(const void *ip, const struct xt_entry_target *target)
>  		printf(" --set-mss %u", mssinfo->mss);
>  }
>  
> +static int TCPMSS_xlate(struct xt_xlate *xl,
> +						 const struct xt_xlate_tg_params *params)
> +{
> +	const struct xt_tcpmss_info *mssinfo =
> +		(const struct xt_tcpmss_info *)params->target->data;
> +	if(mssinfo->mss == XT_TCPMSS_CLAMP_PMTU)
> +		xt_xlate_add(xl, "tcp option maxseg size set rt mtu");

Could you also translate other options in man iptables-extensions,
under the TCPMSS target extension?

BTW, please Cc netfilter-devel@vger.kernel.org in your netfilter patches.

Thanks!


^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [Outreachy kernel] [PATCH] iptables: iptables-compat translation for TCPMSS
  2017-10-15 11:36 ` [Outreachy kernel] " Julia Lawall
@ 2017-10-15 11:59   ` Aastha Gupta
  2017-10-15 12:08   ` Aastha Gupta
  1 sibling, 0 replies; 6+ messages in thread
From: Aastha Gupta @ 2017-10-15 11:59 UTC (permalink / raw)
  To: Julia Lawall; +Cc: outreachy-kernel, Pablo Neira Ayuso

On Sun, Oct 15, 2017 at 5:06 PM, Julia Lawall <julia.lawall@lip6.fr> wrote:
>
>
> On Sun, 15 Oct 2017, Aastha Gupta wrote:
>
>> Since path mtu support was added, we can now add
>> iptables-compat translation for TCPMSS extension.
>>
>> Signed-off-by: Aastha Gupta <aastha.gupta4104@gmail.com>
>> ---
>>  extensions/libxt_TCPMSS.c | 12 ++++++++++++
>>  1 file changed, 12 insertions(+)
>>
>> diff --git a/extensions/libxt_TCPMSS.c b/extensions/libxt_TCPMSS.c
>> index 4b71e44..7f65298 100644
>> --- a/extensions/libxt_TCPMSS.c
>> +++ b/extensions/libxt_TCPMSS.c
>> @@ -91,6 +91,17 @@ static void TCPMSS_save(const void *ip, const struct xt_entry_target *target)
>>               printf(" --set-mss %u", mssinfo->mss);
>>  }
>>
>> +static int TCPMSS_xlate(struct xt_xlate *xl,
>> +                                              const struct xt_xlate_tg_params *params)
>
> The argument list seems to be quite oddly formatted.  Line the second line
> up with the right side of the (
>
>> +{
>> +     const struct xt_tcpmss_info *mssinfo =
>> +             (const struct xt_tcpmss_info *)params->target->data;
>
> Is the cast really necessary?  It should not be necessary if the data
> field has type void *.

Data field is not type void but unsigned char.
>
>> +     if(mssinfo->mss == XT_TCPMSS_CLAMP_PMTU)
>
> Kernel code requires a space after if
>
>> +             xt_xlate_add(xl, "tcp option maxseg size set rt mtu");
>> +
>> +     return 1;
>> +}
>> +
>>  static struct xtables_target tcpmss_tg_reg[] = {
>>       {
>>               .family        = NFPROTO_IPV4,
>> @@ -104,6 +115,7 @@ static struct xtables_target tcpmss_tg_reg[] = {
>>               .x6_parse      = TCPMSS_parse,
>>               .x6_fcheck     = TCPMSS_check,
>>               .x6_options    = TCPMSS4_opts,
>> +             .xlate             = TCPMSS_xlate,
>
> Follow the same alignment strategy as for the other fields.
>
> julia
>
>>       },
>>       {
>>               .family        = NFPROTO_IPV6,
>> --
>> 2.7.4
>>
>> --
>> You received this message because you are subscribed to the Google Groups "outreachy-kernel" group.
>> To unsubscribe from this group and stop receiving emails from it, send an email to outreachy-kernel+unsubscribe@googlegroups.com.
>> To post to this group, send email to outreachy-kernel@googlegroups.com.
>> To view this discussion on the web visit https://groups.google.com/d/msgid/outreachy-kernel/1508067107-13649-1-git-send-email-aastha.gupta4104%40gmail.com.
>> For more options, visit https://groups.google.com/d/optout.
>>


^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [Outreachy kernel] [PATCH] iptables: iptables-compat translation for TCPMSS
  2017-10-15 11:36 ` [Outreachy kernel] " Julia Lawall
  2017-10-15 11:59   ` Aastha Gupta
@ 2017-10-15 12:08   ` Aastha Gupta
  2017-10-15 15:14     ` Julia Lawall
  1 sibling, 1 reply; 6+ messages in thread
From: Aastha Gupta @ 2017-10-15 12:08 UTC (permalink / raw)
  To: Julia Lawall; +Cc: outreachy-kernel, Pablo Neira Ayuso

On Sun, Oct 15, 2017 at 5:06 PM, Julia Lawall <julia.lawall@lip6.fr> wrote:
>
>
> On Sun, 15 Oct 2017, Aastha Gupta wrote:
>
>> Since path mtu support was added, we can now add
>> iptables-compat translation for TCPMSS extension.
>>
>> Signed-off-by: Aastha Gupta <aastha.gupta4104@gmail.com>
>> ---
>>  extensions/libxt_TCPMSS.c | 12 ++++++++++++
>>  1 file changed, 12 insertions(+)
>>
>> diff --git a/extensions/libxt_TCPMSS.c b/extensions/libxt_TCPMSS.c
>> index 4b71e44..7f65298 100644
>> --- a/extensions/libxt_TCPMSS.c
>> +++ b/extensions/libxt_TCPMSS.c
>> @@ -91,6 +91,17 @@ static void TCPMSS_save(const void *ip, const struct xt_entry_target *target)
>>               printf(" --set-mss %u", mssinfo->mss);
>>  }
>>
>> +static int TCPMSS_xlate(struct xt_xlate *xl,
>> +                                              const struct xt_xlate_tg_params *params)
>
> The argument list seems to be quite oddly formatted.  Line the second line
> up with the right side of the (
>
>> +{
>> +     const struct xt_tcpmss_info *mssinfo =
>> +             (const struct xt_tcpmss_info *)params->target->data;
>
> Is the cast really necessary?  It should not be necessary if the data
> field has type void *.
>
>> +     if(mssinfo->mss == XT_TCPMSS_CLAMP_PMTU)
>
> Kernel code requires a space after if
>
>> +             xt_xlate_add(xl, "tcp option maxseg size set rt mtu");
>> +
>> +     return 1;
>> +}
>> +
>>  static struct xtables_target tcpmss_tg_reg[] = {
>>       {
>>               .family        = NFPROTO_IPV4,
>> @@ -104,6 +115,7 @@ static struct xtables_target tcpmss_tg_reg[] = {
>>               .x6_parse      = TCPMSS_parse,
>>               .x6_fcheck     = TCPMSS_check,
>>               .x6_options    = TCPMSS4_opts,
>> +             .xlate             = TCPMSS_xlate,
>
> Follow the same alignment strategy as for the other fields.
>
> julia

I don't know why the alignment gets like this when I send it.
>
>>       },
>>       {
>>               .family        = NFPROTO_IPV6,
>> --
>> 2.7.4
>>
>> --
>> You received this message because you are subscribed to the Google Groups "outreachy-kernel" group.
>> To unsubscribe from this group and stop receiving emails from it, send an email to outreachy-kernel+unsubscribe@googlegroups.com.
>> To post to this group, send email to outreachy-kernel@googlegroups.com.
>> To view this discussion on the web visit https://groups.google.com/d/msgid/outreachy-kernel/1508067107-13649-1-git-send-email-aastha.gupta4104%40gmail.com.
>> For more options, visit https://groups.google.com/d/optout.
>>


^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [Outreachy kernel] [PATCH] iptables: iptables-compat translation for TCPMSS
  2017-10-15 12:08   ` Aastha Gupta
@ 2017-10-15 15:14     ` Julia Lawall
  0 siblings, 0 replies; 6+ messages in thread
From: Julia Lawall @ 2017-10-15 15:14 UTC (permalink / raw)
  To: Aastha Gupta; +Cc: outreachy-kernel, Pablo Neira Ayuso



On Sun, 15 Oct 2017, Aastha Gupta wrote:

> On Sun, Oct 15, 2017 at 5:06 PM, Julia Lawall <julia.lawall@lip6.fr> wrote:
> >
> >
> > On Sun, 15 Oct 2017, Aastha Gupta wrote:
> >
> >> Since path mtu support was added, we can now add
> >> iptables-compat translation for TCPMSS extension.
> >>
> >> Signed-off-by: Aastha Gupta <aastha.gupta4104@gmail.com>
> >> ---
> >>  extensions/libxt_TCPMSS.c | 12 ++++++++++++
> >>  1 file changed, 12 insertions(+)
> >>
> >> diff --git a/extensions/libxt_TCPMSS.c b/extensions/libxt_TCPMSS.c
> >> index 4b71e44..7f65298 100644
> >> --- a/extensions/libxt_TCPMSS.c
> >> +++ b/extensions/libxt_TCPMSS.c
> >> @@ -91,6 +91,17 @@ static void TCPMSS_save(const void *ip, const struct xt_entry_target *target)
> >>               printf(" --set-mss %u", mssinfo->mss);
> >>  }
> >>
> >> +static int TCPMSS_xlate(struct xt_xlate *xl,
> >> +                                              const struct xt_xlate_tg_params *params)
> >
> > The argument list seems to be quite oddly formatted.  Line the second line
> > up with the right side of the (
> >
> >> +{
> >> +     const struct xt_tcpmss_info *mssinfo =
> >> +             (const struct xt_tcpmss_info *)params->target->data;
> >
> > Is the cast really necessary?  It should not be necessary if the data
> > field has type void *.
> >
> >> +     if(mssinfo->mss == XT_TCPMSS_CLAMP_PMTU)
> >
> > Kernel code requires a space after if
> >
> >> +             xt_xlate_add(xl, "tcp option maxseg size set rt mtu");
> >> +
> >> +     return 1;
> >> +}
> >> +
> >>  static struct xtables_target tcpmss_tg_reg[] = {
> >>       {
> >>               .family        = NFPROTO_IPV4,
> >> @@ -104,6 +115,7 @@ static struct xtables_target tcpmss_tg_reg[] = {
> >>               .x6_parse      = TCPMSS_parse,
> >>               .x6_fcheck     = TCPMSS_check,
> >>               .x6_options    = TCPMSS4_opts,
> >> +             .xlate             = TCPMSS_xlate,
> >
> > Follow the same alignment strategy as for the other fields.
> >
> > julia
>
> I don't know why the alignment gets like this when I send it.

OK, maybe it is related to tabs.  If the code looks ok when you apply the
patch, then that's fine.

julia

> >
> >>       },
> >>       {
> >>               .family        = NFPROTO_IPV6,
> >> --
> >> 2.7.4
> >>
> >> --
> >> You received this message because you are subscribed to the Google Groups "outreachy-kernel" group.
> >> To unsubscribe from this group and stop receiving emails from it, send an email to outreachy-kernel+unsubscribe@googlegroups.com.
> >> To post to this group, send email to outreachy-kernel@googlegroups.com.
> >> To view this discussion on the web visit https://groups.google.com/d/msgid/outreachy-kernel/1508067107-13649-1-git-send-email-aastha.gupta4104%40gmail.com.
> >> For more options, visit https://groups.google.com/d/optout.
> >>
>


^ permalink raw reply	[flat|nested] 6+ messages in thread

end of thread, other threads:[~2017-10-15 15:14 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-10-15 11:31 [PATCH] iptables: iptables-compat translation for TCPMSS Aastha Gupta
2017-10-15 11:36 ` [Outreachy kernel] " Julia Lawall
2017-10-15 11:59   ` Aastha Gupta
2017-10-15 12:08   ` Aastha Gupta
2017-10-15 15:14     ` Julia Lawall
2017-10-15 11:39 ` Pablo Neira Ayuso

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.