* [PATCH] [LIBNFNETLINK] fixes @ 2006-01-15 2:54 Pablo Neira Ayuso 2006-01-15 9:45 ` Harald Welte 0 siblings, 1 reply; 4+ messages in thread From: Pablo Neira Ayuso @ 2006-01-15 2:54 UTC (permalink / raw) To: Harald Welte; +Cc: Netfilter Development Mailinglist Hi Harald! The patch attached fixes two issues in libnfnetlink: - subsys_id was not set in nfnl_subsys_open - set nfnlh->local.nl_pid in nfnl_open since nfnl_talk checks that: h->nlmsg_pid != nfnlh->local.nl_pid Now the libnetfilter_conntrack test says OK again ;) cheers, Pablo -- The dawn of the fourth age of Linux firewalling is coming; a time of great struggle and heroic deeds -- J.Kadlecsik got inspired by J.Morris ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] [LIBNFNETLINK] fixes 2006-01-15 2:54 [PATCH] [LIBNFNETLINK] fixes Pablo Neira Ayuso @ 2006-01-15 9:45 ` Harald Welte 2006-01-15 14:35 ` Pablo Neira Ayuso 0 siblings, 1 reply; 4+ messages in thread From: Harald Welte @ 2006-01-15 9:45 UTC (permalink / raw) To: Netfilter Development Mailinglist [-- Attachment #1: Type: text/plain, Size: 975 bytes --] On Sun, Jan 15, 2006 at 03:54:06AM +0100, Pablo Neira Ayuso wrote: > Hi Harald! > > The patch attached fixes two issues in libnfnetlink: > > - subsys_id was not set in nfnl_subsys_open > - set nfnlh->local.nl_pid in nfnl_open since nfnl_talk checks that: > h->nlmsg_pid != nfnlh->local.nl_pid unfortunately no patch attached... > Now the libnetfilter_conntrack test says OK again ;) great. sorry for the breakage, but I hope you can appreciate the beauty of this new concept. Being able to talk to all nfnetlink subsystems at the same time through one socket... Cheers, Harald -- - Harald Welte <laforge@netfilter.org> http://netfilter.org/ ============================================================================ "Fragmentation is like classful addressing -- an interesting early architectural error that shows how much experimentation was going on while IP was being designed." -- Paul Vixie [-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --] ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] [LIBNFNETLINK] fixes 2006-01-15 9:45 ` Harald Welte @ 2006-01-15 14:35 ` Pablo Neira Ayuso 2006-01-15 18:12 ` Harald Welte 0 siblings, 1 reply; 4+ messages in thread From: Pablo Neira Ayuso @ 2006-01-15 14:35 UTC (permalink / raw) To: Harald Welte; +Cc: Netfilter Development Mailinglist [-- Attachment #1: Type: text/plain, Size: 848 bytes --] Harald Welte wrote: >>The patch attached fixes two issues in libnfnetlink: >> >>- subsys_id was not set in nfnl_subsys_open >>- set nfnlh->local.nl_pid in nfnl_open since nfnl_talk checks that: >>h->nlmsg_pid != nfnlh->local.nl_pid > > unfortunately no patch attached... :( sorry about that, patch attached. >>Now the libnetfilter_conntrack test says OK again ;) > > great. sorry for the breakage, but I hope you can appreciate the beauty > of this new concept. Being able to talk to all nfnetlink subsystems at > the same time through one socket... Sure, it's a nice rework. And it's really promising that now we can have helpers in userspace, as Rusty dreamed in early stages :). BTW, are we going to distribute the further application helpers (implemented in userspace) separately or living somewhere in libnetfilter_cthelper? -- Pablo [-- Attachment #2: x --] [-- Type: text/plain, Size: 867 bytes --] Index: src/libnfnetlink.c =================================================================== --- src/libnfnetlink.c (revision 6411) +++ src/libnfnetlink.c (working copy) @@ -16,6 +16,10 @@ * * 2006-01-14 Harald Welte <laforge@netfilter.org>: * introduce nfnl_subsys_handle + * + * 2006-01-15 Pablo Neira Ayuso <pablo@netfilter.org>: + * set missing subsys_id in nfnl_subsys_open + * set missing nfnlh->local.nl_pid in nfnl_open */ #include <stdlib.h> @@ -152,6 +156,10 @@ goto err_close; } nfnlh->seq = time(NULL); + /* + * nfnl_talk checks: h->nlmsg_pid != nfnlh->local.nl_pid + */ + nfnlh->local.nl_pid = getpid(); return nfnlh; @@ -196,6 +204,7 @@ ssh->nfnlh = nfnlh; ssh->cb_count = cb_count; ssh->subscriptions = subscriptions; + ssh->subsys_id = subsys_id; if (recalc_rebind_subscriptions(nfnlh) < 0) { free(ssh->cb); ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] [LIBNFNETLINK] fixes 2006-01-15 14:35 ` Pablo Neira Ayuso @ 2006-01-15 18:12 ` Harald Welte 0 siblings, 0 replies; 4+ messages in thread From: Harald Welte @ 2006-01-15 18:12 UTC (permalink / raw) To: Pablo Neira Ayuso; +Cc: Netfilter Development Mailinglist [-- Attachment #1: Type: text/plain, Size: 2003 bytes --] On Sun, Jan 15, 2006 at 03:35:41PM +0100, Pablo Neira Ayuso wrote: > Harald Welte wrote: > >>The patch attached fixes two issues in libnfnetlink: > >> > >>- subsys_id was not set in nfnl_subsys_open > >>- set nfnlh->local.nl_pid in nfnl_open since nfnl_talk checks that: > >>h->nlmsg_pid != nfnlh->local.nl_pid > > > > unfortunately no patch attached... > > :( sorry about that, patch attached. thanks, will review and apply. > >>Now the libnetfilter_conntrack test says OK again ;) > > > > great. sorry for the breakage, but I hope you can appreciate the beauty > > of this new concept. Being able to talk to all nfnetlink subsystems at > > the same time through one socket... > > Sure, it's a nice rework. And it's really promising that now we can have > helpers in userspace, as Rusty dreamed in early stages :). > > BTW, are we going to distribute the further application helpers > (implemented in userspace) separately or living somewhere in > libnetfilter_cthelper? the helpers are applications (daemons) that link against libnetfilter_cthelper. They will not be themselves (apart from some example code) be in the library package. We _might_ want to provide some addidional helper infrastructure, something more than libnetfilter_cthelper, but I don't have any precise plans yet. Something with a common handling for logging, config files, etc. might be neat. But anyway, that's optional and for later down the road. The kernel bits, libnetfilter_queue, libnetfilter_conntrack and libnetfilter_cthelper is everything you technically need for writing an userspace helper. -- - Harald Welte <laforge@netfilter.org> http://netfilter.org/ ============================================================================ "Fragmentation is like classful addressing -- an interesting early architectural error that shows how much experimentation was going on while IP was being designed." -- Paul Vixie [-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --] ^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2006-01-15 18:12 UTC | newest] Thread overview: 4+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2006-01-15 2:54 [PATCH] [LIBNFNETLINK] fixes Pablo Neira Ayuso 2006-01-15 9:45 ` Harald Welte 2006-01-15 14:35 ` Pablo Neira Ayuso 2006-01-15 18:12 ` Harald Welte
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.