From: Jamal Hadi Salim <jhs@mojatatu.com>
To: Stephen Hemminger <shemminger@vyatta.com>
Cc: Hasan Chowdhury <shemonc@gmail.com>,
Jan Engelhardt <jengelh@inai.de>,
Yury Stankevich <urykhy@gmail.com>,
"netdev@vger.kernel.org" <netdev@vger.kernel.org>,
pablo@netfilter.org, netfilter-devel@vger.kernel.org
Subject: [PATCH] iproute2: act_ipt fix xtables breakage
Date: Sun, 16 Dec 2012 15:41:39 -0500 [thread overview]
Message-ID: <50CE3203.9080007@mojatatu.com> (raw)
In-Reply-To: <alpine.LNX.2.01.1212162003340.27614@nerf07.vanv.qr>
[-- Attachment #1: Type: text/plain, Size: 307 bytes --]
Attached.
I am going to send a kernel patch as well.
There is an "intermediate solution" from Hasan which doesnt require
the kernel change. It changes the kernel endpoint to "ipt". I am
conflicted because it is a quick hack while otoh forcing people to
upgrade kernel is a usability issue.
cheers,
jamal
[-- Attachment #2: patch-xt --]
[-- Type: text/plain, Size: 4163 bytes --]
commit ff707eaa1fd51435958ae2afcd09d4b3600160b4
Author: Hasan Chowdhury <shemonc@gmail.com>
Date: Sun Dec 16 14:09:38 2012 -0500
Fixes breakage with xtables API starting with version 1.4.10
Signed-off-by: Hasan Chowdhury <shemonc@gmail.com>
Signed-off-by: Jamal Hadi Salim <jhs@mojatatu.com>
diff --git a/tc/m_xt.c b/tc/m_xt.c
index bcc4d75..e1c3f38 100644
--- a/tc/m_xt.c
+++ b/tc/m_xt.c
@@ -118,6 +118,7 @@ static int parse_ipt(struct action_util *a,int *argc_p,
struct xtables_target *m = NULL;
struct ipt_entry fw;
struct rtattr *tail;
+
int c;
int rargc = *argc_p;
char **argv = *argv_p;
@@ -126,6 +127,7 @@ static int parse_ipt(struct action_util *a,int *argc_p,
int size = 0;
int iok = 0, ok = 0;
__u32 hook = 0, index = 0;
+ struct option *opts = NULL;
xtables_init_all(&tcipt_globals, NFPROTO_IPV4);
set_lib_dir();
@@ -158,14 +160,22 @@ static int parse_ipt(struct action_util *a,int *argc_p,
printf(" %s error \n", m->name);
return -1;
}
- tcipt_globals.opts =
- xtables_merge_options(
#if (XTABLES_VERSION_CODE >= 6)
- tcipt_globals.orig_opts,
+ opts = xtables_options_xfrm(tcipt_globals.orig_opts,
+ tcipt_globals.opts,
+ m->x6_options,
+ &m->option_offset);
+#else
+ opts = xtables_merge_options(tcipt_globals.orig_opts,
+ tcipt_globals.opts,
+ m->extra_opts,
+ &m->option_offset);
#endif
- tcipt_globals.opts,
- m->extra_opts,
- &m->option_offset);
+ if (opts == NULL) {
+ fprintf(stderr, " failed to find aditional options for target %s\n\n", optarg);
+ return -1;
+ } else
+ tcipt_globals.opts = opts;
} else {
fprintf(stderr," failed to find target %s\n\n", optarg);
return -1;
@@ -175,17 +185,21 @@ static int parse_ipt(struct action_util *a,int *argc_p,
default:
memset(&fw, 0, sizeof (fw));
- if (m) {
- m->parse(c - m->option_offset, argv, 0,
- &m->tflags, NULL, &m->t);
+#if (XTABLES_VERSION_CODE >= 6)
+ if (m != NULL && m->x6_parse != NULL ) {
+ xtables_option_tpcall(c, argv, 0 , m, NULL);
+#else
+ if (m != NULL && m->parse != NULL ) {
+ m->parse(c - m->option_offset, argv, 0, &m->tflags,
+ NULL, &m->t);
+#endif
} else {
- fprintf(stderr," failed to find target %s\n\n", optarg);
+ fprintf(stderr,"failed to find target %s\n\n", optarg);
return -1;
}
ok++;
break;
-
}
}
@@ -208,8 +222,13 @@ static int parse_ipt(struct action_util *a,int *argc_p,
}
/* check that we passed the correct parameters to the target */
+#if (XTABLES_VERSION_CODE >= 6)
+ if (m)
+ xtables_option_tfcall(m);
+#else
if (m && m->final_check)
m->final_check(m->tflags);
+#endif
{
struct tcmsg *t = NLMSG_DATA(n);
@@ -271,6 +290,7 @@ print_ipt(struct action_util *au,FILE * f, struct rtattr *arg)
{
struct rtattr *tb[TCA_IPT_MAX + 1];
struct xt_entry_target *t = NULL;
+ struct option *opts = NULL;
if (arg == NULL)
return -1;
@@ -309,14 +329,22 @@ print_ipt(struct action_util *au,FILE * f, struct rtattr *arg)
return -1;
}
- tcipt_globals.opts =
- xtables_merge_options(
#if (XTABLES_VERSION_CODE >= 6)
- tcipt_globals.orig_opts,
+ opts = xtables_options_xfrm(tcipt_globals.orig_opts,
+ tcipt_globals.opts,
+ m->x6_options,
+ &m->option_offset);
+#else
+ opts = xtables_merge_options(tcipt_globals.orig_opts,
+ tcipt_globals.opts,
+ m->extra_opts,
+ &m->option_offset);
#endif
- tcipt_globals.opts,
- m->extra_opts,
- &m->option_offset);
+ if (opts == NULL) {
+ fprintf(stderr, " failed to find aditional options for target %s\n\n", optarg);
+ return -1;
+ } else
+ tcipt_globals.opts = opts;
} else {
fprintf(stderr, " failed to find target %s\n\n",
t->u.user.name);
@@ -355,4 +383,3 @@ struct action_util xt_action_util = {
.parse_aopt = parse_ipt,
.print_aopt = print_ipt,
};
-
next prev parent reply other threads:[~2012-12-16 20:41 UTC|newest]
Thread overview: 64+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <50C4821D.5090206@gmail.com>
[not found] ` <50C9B4BB.9060609@mojatatu.com>
2012-12-15 21:19 ` tc ipt action Jamal Hadi Salim
2012-12-15 23:06 ` Jan Engelhardt
2012-12-16 0:26 ` Jan Engelhardt
2012-12-16 0:32 ` [PATCH] build: unbreak linkage of m_xt.so Jan Engelhardt
2012-12-16 10:30 ` Jamal Hadi Salim
2012-12-16 17:03 ` Jamal Hadi Salim
2012-12-16 17:43 ` Jan Engelhardt
2012-12-16 18:05 ` Jamal Hadi Salim
2012-12-16 22:02 ` Mike Frysinger
2012-12-18 17:21 ` Stephen Hemminger
2012-12-18 18:47 ` Mike Frysinger
2012-12-20 0:03 ` Stephen Hemminger
2012-12-16 10:22 ` tc ipt action Jamal Hadi Salim
[not found] ` <CAASe=fQT2pVOK0uctdaKL+aOrF8nYeTMfoF15kmd-rC02+7Vnw@mail.gmail.com>
2012-12-16 16:48 ` Jamal Hadi Salim
2012-12-16 18:59 ` Jamal Hadi Salim
2012-12-16 19:13 ` Jan Engelhardt
2012-12-16 20:36 ` Jamal Hadi Salim
2012-12-16 20:41 ` Jamal Hadi Salim [this message]
2012-12-17 12:30 ` RFC [PATCH] iproute2: temporary solution to fix xt breakage Jamal Hadi Salim
2012-12-17 16:12 ` Stephen Hemminger
2012-12-19 11:36 ` Jamal Hadi Salim
[not found] ` <CAASe=fRuJdtisEvp7uo=PHwN3nKHqsYDW4Om1gk2MK-vyNvBrA@mail.gmail.com>
2012-12-18 12:28 ` Jamal Hadi Salim
[not found] ` <CAASe=fR6Hm2dxp=1wDchtrzqnaH6qacHpg2wrsqLfmGpPbQ9Fg@mail.gmail.com>
2012-12-19 11:44 ` Jamal Hadi Salim
2012-12-19 11:56 ` [PATCH] pkt_sched: act_xt support new Xtables interface Jamal Hadi Salim
2012-12-19 15:52 ` Jan Engelhardt
2012-12-19 23:05 ` Jamal Hadi Salim
[not found] ` <CAASe=fQZGwjM_2PStRE0tje33Doi6TuwJJ3p7x-SRcwq3mQvRg@mail.gmail.com>
2012-12-19 23:00 ` Jamal Hadi Salim
2012-12-20 8:54 ` Yury Stankevich
2012-12-20 12:35 ` Jamal Hadi Salim
2012-12-20 14:59 ` Yury Stankevich
2012-12-21 13:03 ` Jamal Hadi Salim
2012-12-21 13:13 ` Yury Stankevich
2012-12-21 13:50 ` Jamal Hadi Salim
2012-12-21 14:14 ` Yury Stankevich
2012-12-22 13:19 ` Jamal Hadi Salim
2012-12-22 13:43 ` Jan Engelhardt
2012-12-22 13:56 ` Jamal Hadi Salim
2012-12-22 13:58 ` Yury Stankevich
2012-12-22 14:04 ` Florian Westphal
2012-12-22 14:09 ` Jamal Hadi Salim
2012-12-24 11:34 ` Jamal Hadi Salim
2012-12-24 11:49 ` Felix Fietkau
2012-12-24 12:19 ` Jamal Hadi Salim
2012-12-24 13:12 ` Pablo Neira Ayuso
2012-12-24 14:05 ` Jamal Hadi Salim
2012-12-24 18:19 ` Pablo Neira Ayuso
2012-12-26 23:10 ` Pablo Neira Ayuso
2012-12-21 14:35 ` Jan Engelhardt
2012-12-21 15:45 ` Eric Dumazet
2012-12-22 13:42 ` Jamal Hadi Salim
2012-12-16 0:27 ` tc ipt action Pablo Neira Ayuso
2012-12-16 0:59 ` Jan Engelhardt
2012-12-16 10:43 ` Jamal Hadi Salim
2012-12-16 17:21 ` Jan Engelhardt
2012-12-16 17:47 ` Jamal Hadi Salim
2012-12-16 18:59 ` Jan Engelhardt
2012-12-16 20:35 ` Jamal Hadi Salim
2012-12-16 21:21 ` Jan Engelhardt
2012-12-17 12:58 ` Jamal Hadi Salim
2012-12-17 13:28 ` Jan Engelhardt
2012-12-18 13:23 ` Jamal Hadi Salim
2012-12-18 13:58 ` Jan Engelhardt
2012-12-19 11:43 ` Jamal Hadi Salim
2012-12-16 10:26 ` Jamal Hadi Salim
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=50CE3203.9080007@mojatatu.com \
--to=jhs@mojatatu.com \
--cc=jengelh@inai.de \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
--cc=pablo@netfilter.org \
--cc=shemminger@vyatta.com \
--cc=shemonc@gmail.com \
--cc=urykhy@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.