* [PATCH nft 1/2] datatype: replace strncmp() by strcmp() in unit parser
@ 2024-08-14 11:07 Pablo Neira Ayuso
2024-08-14 11:07 ` [PATCH nft 2/2] datatype: improve error reporting when time unit is not correct Pablo Neira Ayuso
2024-08-14 11:18 ` [PATCH nft 1/2] datatype: replace strncmp() by strcmp() in unit parser Pablo Neira Ayuso
0 siblings, 2 replies; 3+ messages in thread
From: Pablo Neira Ayuso @ 2024-08-14 11:07 UTC (permalink / raw)
To: netfilter-devel
Bail out if unit cannot be parsed:
ruleset.nft:5:77-106: Error: Wrong rate format, expecting bytes or kbytes or mbytes
add rule netdev firewall PROTECTED_IPS update @quota_temp_before { ip daddr quota over 45000 mbytes/second } add @quota_trigger { ip daddr }
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
improve error reporting while at this.
Fixes: 6615676d825e ("src: add per-bytes limit")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
src/datatype.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/datatype.c b/src/datatype.c
index d398a9c8c618..8879ff0523e8 100644
--- a/src/datatype.c
+++ b/src/datatype.c
@@ -1485,14 +1485,14 @@ static struct error_record *time_unit_parse(const struct location *loc,
struct error_record *data_unit_parse(const struct location *loc,
const char *str, uint64_t *rate)
{
- if (strncmp(str, "bytes", strlen("bytes")) == 0)
+ if (strcmp(str, "bytes") == 0)
*rate = 1ULL;
- else if (strncmp(str, "kbytes", strlen("kbytes")) == 0)
+ else if (strcmp(str, "kbytes") == 0)
*rate = 1024;
- else if (strncmp(str, "mbytes", strlen("mbytes")) == 0)
+ else if (strcmp(str, "mbytes") == 0)
*rate = 1024 * 1024;
else
- return error(loc, "Wrong rate format");
+ return error(loc, "Wrong unit format, expecting bytes or kbytes or mbytes");
return NULL;
}
--
2.30.2
^ permalink raw reply related [flat|nested] 3+ messages in thread
* [PATCH nft 2/2] datatype: improve error reporting when time unit is not correct
2024-08-14 11:07 [PATCH nft 1/2] datatype: replace strncmp() by strcmp() in unit parser Pablo Neira Ayuso
@ 2024-08-14 11:07 ` Pablo Neira Ayuso
2024-08-14 11:18 ` [PATCH nft 1/2] datatype: replace strncmp() by strcmp() in unit parser Pablo Neira Ayuso
1 sibling, 0 replies; 3+ messages in thread
From: Pablo Neira Ayuso @ 2024-08-14 11:07 UTC (permalink / raw)
To: netfilter-devel
Display:
Wrong unit format, expecting bytes or kbytes or mbytes
instead of:
Wrong rate format
Fixes: 6615676d825e ("src: add per-bytes limit")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
src/datatype.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/datatype.c b/src/datatype.c
index 8879ff0523e8..24c3512d2a06 100644
--- a/src/datatype.c
+++ b/src/datatype.c
@@ -1477,7 +1477,7 @@ static struct error_record *time_unit_parse(const struct location *loc,
else if (strcmp(str, "week") == 0)
*unit = 1ULL * 60 * 60 * 24 * 7;
else
- return error(loc, "Wrong rate format");
+ return error(loc, "Wrong time format, expecting second or minute or hour or day or week");
return NULL;
}
--
2.30.2
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH nft 1/2] datatype: replace strncmp() by strcmp() in unit parser
2024-08-14 11:07 [PATCH nft 1/2] datatype: replace strncmp() by strcmp() in unit parser Pablo Neira Ayuso
2024-08-14 11:07 ` [PATCH nft 2/2] datatype: improve error reporting when time unit is not correct Pablo Neira Ayuso
@ 2024-08-14 11:18 ` Pablo Neira Ayuso
1 sibling, 0 replies; 3+ messages in thread
From: Pablo Neira Ayuso @ 2024-08-14 11:18 UTC (permalink / raw)
To: netfilter-devel
On Wed, Aug 14, 2024 at 01:07:21PM +0200, Pablo Neira Ayuso wrote:
> Bail out if unit cannot be parsed:
>
> ruleset.nft:5:77-106: Error: Wrong rate format, expecting bytes or kbytes or mbytes
> add rule netdev firewall PROTECTED_IPS update @quota_temp_before { ip daddr quota over 45000 mbytes/second } add @quota_trigger { ip daddr }
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
Scratch this patch. It breaks limit rate.
> improve error reporting while at this.
>
> Fixes: 6615676d825e ("src: add per-bytes limit")
> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
> ---
> src/datatype.c | 8 ++++----
> 1 file changed, 4 insertions(+), 4 deletions(-)
>
> diff --git a/src/datatype.c b/src/datatype.c
> index d398a9c8c618..8879ff0523e8 100644
> --- a/src/datatype.c
> +++ b/src/datatype.c
> @@ -1485,14 +1485,14 @@ static struct error_record *time_unit_parse(const struct location *loc,
> struct error_record *data_unit_parse(const struct location *loc,
> const char *str, uint64_t *rate)
> {
> - if (strncmp(str, "bytes", strlen("bytes")) == 0)
> + if (strcmp(str, "bytes") == 0)
> *rate = 1ULL;
> - else if (strncmp(str, "kbytes", strlen("kbytes")) == 0)
> + else if (strcmp(str, "kbytes") == 0)
> *rate = 1024;
> - else if (strncmp(str, "mbytes", strlen("mbytes")) == 0)
> + else if (strcmp(str, "mbytes") == 0)
> *rate = 1024 * 1024;
> else
> - return error(loc, "Wrong rate format");
> + return error(loc, "Wrong unit format, expecting bytes or kbytes or mbytes");
>
> return NULL;
> }
> --
> 2.30.2
>
>
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2024-08-14 11:19 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2024-08-14 11:07 [PATCH nft 1/2] datatype: replace strncmp() by strcmp() in unit parser Pablo Neira Ayuso
2024-08-14 11:07 ` [PATCH nft 2/2] datatype: improve error reporting when time unit is not correct Pablo Neira Ayuso
2024-08-14 11:18 ` [PATCH nft 1/2] datatype: replace strncmp() by strcmp() in unit parser Pablo Neira Ayuso
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.