* arbitary length matchinfo
@ 2005-04-15 11:32 Juha Heljoranta
2005-04-15 15:23 ` Henrik Nordstrom
2005-04-15 15:55 ` Harald Welte
0 siblings, 2 replies; 3+ messages in thread
From: Juha Heljoranta @ 2005-04-15 11:32 UTC (permalink / raw)
To: netfilter-devel
Is it possible to create arbitary length matchinfo? I couldn't find any
info on this.
What I want is an path:
struct ipt_foo_info {
char *path;
}
maximum path length in Linux is 4096 and doing
struct ipt_foo_info {
char path[4096];
}
is bit crazy.
Regards,
Juha Heljoranta
^ permalink raw reply [flat|nested] 3+ messages in thread* Re: arbitary length matchinfo
2005-04-15 11:32 arbitary length matchinfo Juha Heljoranta
@ 2005-04-15 15:23 ` Henrik Nordstrom
2005-04-15 15:55 ` Harald Welte
1 sibling, 0 replies; 3+ messages in thread
From: Henrik Nordstrom @ 2005-04-15 15:23 UTC (permalink / raw)
To: Juha Heljoranta; +Cc: netfilter-devel
On Fri, 15 Apr 2005, Juha Heljoranta wrote:
> Is it possible to create arbitary length matchinfo?
Not without modifying both libiptc and the kernel. The structures does
support this, but libiptc assumes the matchinfo is of fixed size, and the
kernel also verifies the size is the expected size.
> What I want is an path:
Just curious: why?
Regards
Henrik
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: arbitary length matchinfo
2005-04-15 11:32 arbitary length matchinfo Juha Heljoranta
2005-04-15 15:23 ` Henrik Nordstrom
@ 2005-04-15 15:55 ` Harald Welte
1 sibling, 0 replies; 3+ messages in thread
From: Harald Welte @ 2005-04-15 15:55 UTC (permalink / raw)
To: netfilter-devel
[-- Attachment #1: Type: text/plain, Size: 760 bytes --]
On Fri, Apr 15, 2005 at 02:32:08PM +0300, Juha Heljoranta wrote:
> Is it possible to create arbitary length matchinfo? I couldn't find any
> info on this.
no.
> What I want is an path:
>
> struct ipt_foo_info {
> char *path;
> }
>
> maximum path length in Linux is 4096 and doing
you definitely don't want filename paths in an iptables rule. this is
insane ;)
--
- Harald Welte <laforge@netfilter.org> http://netfilter.org/
============================================================================
"Fragmentation is like classful addressing -- an interesting early
architectural error that shows how much experimentation was going
on while IP was being designed." -- Paul Vixie
[-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2005-04-15 15:55 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2005-04-15 11:32 arbitary length matchinfo Juha Heljoranta
2005-04-15 15:23 ` Henrik Nordstrom
2005-04-15 15:55 ` Harald Welte
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.