Re: iptables & new CONNMARK 32bit marks

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Deti Fliegl <deti@fliegl.de>
To: Harald Welte <laforge@netfilter.org>
Cc: netfilter-devel@lists.netfilter.org
Subject: Re: iptables & new CONNMARK 32bit marks
Date: Wed, 02 Nov 2005 10:25:51 +0100	[thread overview]
Message-ID: <4368861F.6040008@fliegl.de> (raw)
In-Reply-To: <20051030094349.GZ4479@sunbeam.de.gnumonks.org>

[-- Attachment #1: Type: text/plain, Size: 596 bytes --]

Hi,

the patch attached to this mail fixes the 32bit connmark issues on 64bit 
systems. Please could anyone test if the code is still working on 32bit 
systems?

Changes:

* replaced any occurences of ~0UL by 0xffffffff which is now platform 
independently 32bit wide.
* the ipt_connmark_target_info structure still uses long variables 
(which 64bit on 64bit systems) for mask & mark - IMHO someone should 
change this to u_int32_t if mark values are meant to be 32bit wide.
* remove any code that has to be compiled #ifdef KERNEL_64_USERSPACE_32 
as 32bit stay 32bit even on 64bit systems

Deti

[-- Attachment #2: iptables-connmark-32bit.patch --]
[-- Type: text/x-patch, Size: 3326 bytes --]

Index: extensions/libipt_CONNMARK.c
===================================================================
--- extensions/libipt_CONNMARK.c	(revision 4421)
+++ extensions/libipt_CONNMARK.c	(working copy)
@@ -72,25 +72,17 @@
 	struct ipt_connmark_target_info *markinfo
 		= (struct ipt_connmark_target_info *)(*target)->data;
 
-#ifdef KERNEL_64_USERSPACE_32
-	markinfo->mask = ~0ULL;
-#else
-	markinfo->mask = ~0UL;
-#endif
+	markinfo->mask = 0xffffffffUL;
 
 	switch (c) {
 		char *end;
 	case '1':
 		markinfo->mode = IPT_CONNMARK_SET;
-#ifdef KERNEL_64_USERSPACE_32
-		markinfo->mark = strtoull(optarg, &end, 0);
-		if (*end == '/' && end[1] != '\0')
-		    markinfo->mask = strtoull(end+1, &end, 0);
-#else
+
 		markinfo->mark = strtoul(optarg, &end, 0);
 		if (*end == '/' && end[1] != '\0')
 		    markinfo->mask = strtoul(end+1, &end, 0);
-#endif
+
 		if (*end != '\0' || end == optarg)
 			exit_error(PARAMETER_PROBLEM, "Bad MARK value `%s'", optarg);
 		if (*flags)
@@ -116,11 +108,8 @@
 		if (!*flags)
 			exit_error(PARAMETER_PROBLEM,
 			           "CONNMARK target: Can't specify --mask without a operation");
-#ifdef KERNEL_64_USERSPACE_32
-		markinfo->mask = strtoull(optarg, &end, 0);
-#else
 		markinfo->mask = strtoul(optarg, &end, 0);
-#endif
+
 		if (*end != '\0' || end == optarg)
 			exit_error(PARAMETER_PROBLEM, "Bad MASK value `%s'", optarg);
 		break;
@@ -139,23 +128,7 @@
 		           "CONNMARK target: No operation specified");
 }
 
-#ifdef KERNEL_64_USERSPACE_32
 static void
-print_mark(unsigned long long mark)
-{
-	printf("0x%llx", mark);
-}
-
-static void
-print_mask(const char *text, unsigned long long mask)
-{
-	if (mask != ~0ULL)
-		printf("%s0x%llx", text, mask);
-}
-
-#else
-
-static void
 print_mark(unsigned long mark)
 {
 	printf("0x%lx", mark);
@@ -164,10 +137,9 @@
 static void
 print_mask(const char *text, unsigned long mask)
 {
-	if (mask != ~0UL)
+	if (mask != 0xffffffffUL)
 		printf("%s0x%lx", text, mask);
 }
-#endif
 
 
 /* Prints out the target info. */
Index: extensions/libipt_connmark.c
===================================================================
--- extensions/libipt_connmark.c	(revision 4421)
+++ extensions/libipt_connmark.c	(working copy)
@@ -66,17 +66,13 @@
 		char *end;
 	case '1':
 		check_inverse(optarg, &invert, &optind, 0);
-#ifdef KERNEL_64_USERSPACE_32
-		markinfo->mark = strtoull(optarg, &end, 0);
-		markinfo->mask = ~0ULL;
-		if (*end == '/')
-			markinfo->mask = strtoull(end+1, &end, 0);
-#else
+
 		markinfo->mark = strtoul(optarg, &end, 0);
-		markinfo->mask = ~0UL;
+		markinfo->mask = 0xffffffffUL;
+		
 		if (*end == '/')
 			markinfo->mask = strtoul(end+1, &end, 0);
-#endif
+
 		if (*end != '\0' || end == optarg)
 			exit_error(PARAMETER_PROBLEM, "Bad MARK value `%s'", optarg);
 		if (invert)
@@ -90,25 +86,14 @@
 	return 1;
 }
 
-#ifdef KERNEL_64_USERSPACE_32
 static void
-print_mark(unsigned long long mark, unsigned long long mask, int numeric)
-{
-	if(mask != ~0ULL)
-		printf("0x%llx/0x%llx ", mark, mask);
-	else
-		printf("0x%llx ", mark);
-}
-#else
-static void
 print_mark(unsigned long mark, unsigned long mask, int numeric)
 {
-	if(mask != ~0UL)
+	if(mask != 0xffffffffUL)
 		printf("0x%lx/0x%lx ", mark, mask);
 	else
 		printf("0x%lx ", mark);
 }
-#endif
 
 /* Final check; must have specified --mark. */
 static void

     prev parent reply	other threads:[~2005-11-02  9:25 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2005-10-24 15:57 iptables & new CONNMARK 32bit marks Deti Fliegl
2005-10-30  9:43 ` Harald Welte
2005-10-30 10:27   ` Deti Fliegl
2005-11-02  9:25   ` Deti Fliegl [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4368861F.6040008@fliegl.de \
    --to=deti@fliegl.de \
    --cc=laforge@netfilter.org \
    --cc=netfilter-devel@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.