[patch 2/4] Add support for --set-counters to iptables -P

All of lore.kernel.org
 help / color / mirror / Atom feed

* [patch 2/4] Add support for --set-counters to iptables -P
@ 2008-05-12 18:25 Henrik Nordstrom
  2008-05-12 18:31 ` Jan Engelhardt
  2008-05-12 18:40 ` Patrick McHardy
  0 siblings, 2 replies; 6+ messages in thread
From: Henrik Nordstrom @ 2008-05-12 18:25 UTC (permalink / raw)
  To: netfilter-devel

[-- Attachment #1: Type: text/plain, Size: 97 bytes --]

Adds support for setting the policy counters

iptables -P INPUT -J DROP -c 10 20

Regards
Henrik

[-- Attachment #2: policycounters.patch --]
[-- Type: text/x-patch, Size: 1914 bytes --]

Index: iptables/iptables.c
===================================================================
--- iptables.orig/iptables.c
+++ iptables/iptables.c
@@ -165,7 +165,7 @@ static char commands_v_options[NUMBER_OF
 /*ZERO*/      {'x','x','x','x','x',' ','x','x','x','x','x','x'},
 /*NEW_CHAIN*/ {'x','x','x','x','x',' ','x','x','x','x','x','x'},
 /*DEL_CHAIN*/ {'x','x','x','x','x',' ','x','x','x','x','x','x'},
-/*SET_POLICY*/{'x','x','x','x','x',' ','x','x','x','x','x','x'},
+/*SET_POLICY*/{'x','x','x','x','x',' ','x','x','x','x','x',' '},
 /*RENAME*/    {'x','x','x','x','x',' ','x','x','x','x','x','x'}
 };
 
@@ -1842,7 +1842,7 @@ int do_command(int argc, char *argv[], c
 		ret = iptc_rename_chain(chain, newname,	handle);
 		break;
 	case CMD_SET_POLICY:
-		ret = iptc_set_policy(chain, policy, NULL, handle);
+		ret = iptc_set_policy(chain, policy, options&OPT_COUNTERS ? &fw.counters : NULL, handle);
 		break;
 	default:
 		/* We should never reach this... */
Index: iptables/ip6tables.c
===================================================================
--- iptables.orig/ip6tables.c
+++ iptables/ip6tables.c
@@ -165,7 +165,7 @@ static char commands_v_options[NUMBER_OF
 /*ZERO*/      {'x','x','x','x','x',' ','x','x','x','x','x'},
 /*NEW_CHAIN*/ {'x','x','x','x','x',' ','x','x','x','x','x'},
 /*DEL_CHAIN*/ {'x','x','x','x','x',' ','x','x','x','x','x'},
-/*SET_POLICY*/{'x','x','x','x','x',' ','x','x','x','x','x'},
+/*SET_POLICY*/{'x','x','x','x','x',' ','x','x','x','x',' '},
 /*RENAME*/    {'x','x','x','x','x',' ','x','x','x','x','x'}
 };
 
@@ -1802,7 +1802,7 @@ int do_command6(int argc, char *argv[], 
 		ret = ip6tc_rename_chain(chain, newname,	handle);
 		break;
 	case CMD_SET_POLICY:
-		ret = ip6tc_set_policy(chain, policy, NULL, handle);
+		ret = ip6tc_set_policy(chain, policy, options&OPT_COUNTERS ? &fw.counters : NULL, handle);
 		break;
 	default:
 		/* We should never reach this... */

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [patch 2/4] Add support for --set-counters to iptables -P
  2008-05-12 18:25 [patch 2/4] Add support for --set-counters to iptables -P Henrik Nordstrom
@ 2008-05-12 18:31 ` Jan Engelhardt
  2008-05-12 18:40   ` Patrick McHardy
  2008-05-12 18:42   ` Henrik Nordstrom
  2008-05-12 18:40 ` Patrick McHardy
  1 sibling, 2 replies; 6+ messages in thread
From: Jan Engelhardt @ 2008-05-12 18:31 UTC (permalink / raw)
  To: Henrik Nordstrom; +Cc: netfilter-devel


On Monday 2008-05-12 20:25, Henrik Nordstrom wrote:

>Adds support for setting the policy counters
>
>iptables -P INPUT -J DROP -c 10 20

Could this perhaps be changed so that -c only takes one argument?
Like -c 10,20. This would ease integration with passthrough
argument parsing in 3rd party applications.


^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [patch 2/4] Add support for --set-counters to iptables -P
  2008-05-12 18:25 [patch 2/4] Add support for --set-counters to iptables -P Henrik Nordstrom
  2008-05-12 18:31 ` Jan Engelhardt
@ 2008-05-12 18:40 ` Patrick McHardy
  1 sibling, 0 replies; 6+ messages in thread
From: Patrick McHardy @ 2008-05-12 18:40 UTC (permalink / raw)
  To: Henrik Nordstrom; +Cc: netfilter-devel

Henrik Nordstrom wrote:
> Adds support for setting the policy counters
> 
> iptables -P INPUT -J DROP -c 10 20

Applied, thanks.

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [patch 2/4] Add support for --set-counters to iptables -P
  2008-05-12 18:31 ` Jan Engelhardt
@ 2008-05-12 18:40   ` Patrick McHardy
  2008-05-13  9:07     ` Henrik Nordstrom
  2008-05-12 18:42   ` Henrik Nordstrom
  1 sibling, 1 reply; 6+ messages in thread
From: Patrick McHardy @ 2008-05-12 18:40 UTC (permalink / raw)
  To: Jan Engelhardt; +Cc: Henrik Nordstrom, netfilter-devel

Jan Engelhardt wrote:
> On Monday 2008-05-12 20:25, Henrik Nordstrom wrote:
> 
>> Adds support for setting the policy counters
>>
>> iptables -P INPUT -J DROP -c 10 20
> 
> Could this perhaps be changed so that -c only takes one argument?
> Like -c 10,20. This would ease integration with passthrough
> argument parsing in 3rd party applications.

I already applied it, in case you want to change anything, please
send a patch on top.

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [patch 2/4] Add support for --set-counters to iptables -P
  2008-05-12 18:31 ` Jan Engelhardt
  2008-05-12 18:40   ` Patrick McHardy
@ 2008-05-12 18:42   ` Henrik Nordstrom
  1 sibling, 0 replies; 6+ messages in thread
From: Henrik Nordstrom @ 2008-05-12 18:42 UTC (permalink / raw)
  To: Jan Engelhardt; +Cc: netfilter-devel

On mån, 2008-05-12 at 20:31 +0200, Jan Engelhardt wrote:
> On Monday 2008-05-12 20:25, Henrik Nordstrom wrote:
> 
> >Adds support for setting the policy counters
> >
> >iptables -P INPUT -J DROP -c 10 20
> 
> Could this perhaps be changed so that -c only takes one argument?
> Like -c 10,20. This would ease integration with passthrough
> argument parsing in 3rd party applications.

That's a different patch. All this patch does is enabling the existing
--set-counters (-c) option to be used with --set-policy (-P).

Regards
Henrik

--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [patch 2/4] Add support for --set-counters to iptables -P
  2008-05-12 18:40   ` Patrick McHardy
@ 2008-05-13  9:07     ` Henrik Nordstrom
  0 siblings, 0 replies; 6+ messages in thread
From: Henrik Nordstrom @ 2008-05-13  9:07 UTC (permalink / raw)
  To: Patrick McHardy; +Cc: Jan Engelhardt, netfilter-devel

On mån, 2008-05-12 at 20:40 +0200, Patrick McHardy wrote:

> > Could this perhaps be changed so that -c only takes one argument?
> > Like -c 10,20. This would ease integration with passthrough
> > argument parsing in 3rd party applications.
> 
> I already applied it, in case you want to change anything, please
> send a patch on top.

Done, but it is a separate issue not related to these patches.

Regards
Henrik

--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

^ permalink raw reply	[flat|nested] 6+ messages in thread

end of thread, other threads:[~2008-05-13  9:07 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2008-05-12 18:25 [patch 2/4] Add support for --set-counters to iptables -P Henrik Nordstrom
2008-05-12 18:31 ` Jan Engelhardt
2008-05-12 18:40   ` Patrick McHardy
2008-05-13  9:07     ` Henrik Nordstrom
2008-05-12 18:42   ` Henrik Nordstrom
2008-05-12 18:40 ` Patrick McHardy

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.