Avoiding multiple calls to xt_target.checkentry

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Adam Nielsen <a.nielsen@shikadi.net>
To: Netfilter Developer Mailing List <netfilter-devel@vger.kernel.org>
Subject: Avoiding multiple calls to xt_target.checkentry
Date: Sun, 24 May 2009 11:46:55 +1000	[thread overview]
Message-ID: <4A18A70F.50808@shikadi.net> (raw)

Hi all,

I've just discovered a small bug in the xt_LED target I submitted a couple of
months back, but I'm not sure of the best way of fixing it.

When iptables adds a rule with the LED target, it calls the "checkentry"
function (led_tg_check) to confirm that the rule conditions are valid.  This
target doesn't care what the rule is, so the code returns success after
creating a new LED trigger elsewhere in the kernel.

The problem is that if you create a new chain, add a rule to it with the LED
target, then add *other* rules that point to the new chain, the "checkentry"
function gets called multiple times (to make sure the new rules are valid)
which means the led_tg_check function tries to create the same trigger
multiple times (which fails.)

For example:

$ iptables -N scroll_lock

$ iptables -A scroll_lock -j LED --led-trigger-id http
// led_tg_check() called and registers the "netfilter-http" LED trigger

$ iptables -I INPUT 1 -p tcp --sport 80 -j scroll_lock
iptables: Invalid argument. Run `dmesg' for more information.
// led_tg_check() was called again and failed

$ dmesg
xt_LED: led_trigger_register() failed
xt_LED: Trigger name is already in use.

In other words, is there a function only called the first time the rule is
added by iptables?  Or should I be keeping track of that myself?

Thanks,
Adam.

next             reply	other threads:[~2009-05-24  2:10 UTC|newest]

Thread overview: 41+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2009-05-24  1:46 Adam Nielsen [this message]
2009-05-24  7:34 ` Avoiding multiple calls to xt_target.checkentry Jan Engelhardt
2009-05-27 23:07   ` Adam Nielsen
2009-05-28 21:06     ` Jan Engelhardt
2009-06-03  9:25     ` Patrick McHardy
2009-06-03 11:03       ` Adam Nielsen
2009-11-05 15:00         ` Patrick McHardy
2009-11-05 18:40           ` Jan Engelhardt
2009-11-05 18:43             ` Patrick McHardy
2009-11-05 22:04           ` Adam Nielsen
2009-11-06 14:56             ` Patrick McHardy
2009-11-29  1:43               ` [PATCH] Add refcounts to LED target Adam Nielsen
2009-11-29 10:12                 ` Jan Engelhardt
2009-11-29 11:33                   ` Adam Nielsen
2009-11-29 15:49                     ` Jan Engelhardt
2009-12-01 10:05                       ` Patrick McHardy
2009-12-06 10:09                         ` Adam Nielsen
2009-12-06 13:24                           ` Patrick McHardy
2010-03-25 14:01                             ` Patrick McHardy
2010-03-25 14:05                               ` Jan Engelhardt
2010-03-25 14:08                                 ` Patrick McHardy
2010-03-27  4:05                                   ` Adam Nielsen
2010-03-27 11:15                                     ` Jan Engelhardt
2010-03-27 11:39                                       ` Adam Nielsen
2010-03-27 11:55                                         ` Jan Engelhardt
2010-03-28  1:25                                           ` [PATCH v2] " Adam Nielsen
2010-04-04 11:30                                             ` Jan Engelhardt
2010-04-07 16:15                                               ` Patrick McHardy
2010-04-08  3:03                                                 ` [PATCH v3] " Adam Nielsen
2010-04-08 11:33                                                   ` Patrick McHardy
2010-04-08 12:45                                                     ` Jan Engelhardt
2010-04-08 12:57                                                       ` Patrick McHardy
2010-04-08 23:06                                                         ` [PATCH v4] " Adam Nielsen
2010-04-09 14:52                                                           ` Patrick McHardy
2010-04-08 21:07                                                   ` [PATCH v3] " Florian Westphal
2010-04-08 22:45                                                     ` Adam Nielsen
2010-03-27 18:42                                     ` [PATCH] " Jan Engelhardt
2010-03-28  1:58                                       ` Adam Nielsen
2010-04-04 11:59                                         ` Jan Engelhardt
2010-04-08  3:15                                           ` input-layer LEDs as LED-class devices (was: Add refcounts to LED target) Adam Nielsen
2010-04-08  8:03                                             ` Jan Engelhardt

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4A18A70F.50808@shikadi.net \
    --to=a.nielsen@shikadi.net \
    --cc=netfilter-devel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.