From: Bart De Schuymer <bdschuym@pandora.be>
To: Harald Welte <laforge@gnumonks.org>
Cc: Linux Netdev List <netdev@vger.kernel.org>,
Netfilter Development Mailinglist
<netfilter-devel@lists.netfilter.org>,
kaber@trash.net
Subject: Re: [RFC PATCH] convert ebt_ulog to nfnetlink_log
Date: Sun, 07 Aug 2005 21:27:56 +0000 [thread overview]
Message-ID: <1123450076.3378.18.camel@localhost.localdomain> (raw)
In-Reply-To: <20050805171028.GA7855@rama.de.gnumonks.org>
Op vr, 05-08-2005 te 19:10 +0200, schreef Harald Welte:
> What about the following (only compile-tested) patch ?
>
> [NETFILTER] add phys{in,out}dev support to nfnetlink_log and nfnetlink_queue
>
> Since bridges don't have a 'reasonable' input and output net_device
> (e.g. 'br0'), we need to add seperate TLV's for the 'physindev' and 'physoutdev'
> to get to the real underlying device (e.g. 'eth0').
>
> I really hate to have those CONFIG_BRIDGE_NETFILTER ifdef's all over the
> code - but for now we have them almost everywhere, so two more doesn't
> hurt. At some point we need to get rid of this ugliness and have something
> like an 'input device stack' that can be traversed.
I'm not sure if I understand that, how could this be used to know if
BRIDGE_NETFILTER was configured?
> +#ifdef CONFIG_BRIDGE_NETFILTER
> + if (indev->br_port) {
> + tmp_uint = htonl(indev->br_port->br->dev->ifindex);
> + NFA_PUT(inst->skb, NFULA_IFINDEX_PHYSINDEV,
> + sizeof(tmp_uint), &tmp_uint);
> + }
indev->br_port->br->dev->ifindex points to the ifindex of the bridge br0
when indev is a bridge port (eth0). So you need this to fill in the
input device (assuming we agree that the bridge is called the input
device, and the bridge port is called the physical input device).
Filling in the physical input device is done with indev (in case
indev->br_port is not NULL).
I can't easily get access to net-2.6.14, so I can't have a full view on
things. If you were to change ebt_ulog, you must also make sure that the
physindev is used for NFULA_IFINDEX_PHYSINDEV. The input_dev member of
the skb will be eth0 if the physindev is known.
Analogous comments hold for the other similar parts of your patch.
cheers,
Bart
next prev parent reply other threads:[~2005-08-07 21:27 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20050730110353.GD6620@rama.de.gnumonks.org>
[not found] ` <20050730.210423.111177162.davem@davemloft.net>
[not found] ` <20050731070509.GD3835@rama.de.gnumonks.org>
[not found] ` <1123241167.3377.15.camel@localhost.localdomain>
[not found] ` <20050805163709.GF4033@rama.de.gnumonks.org>
2005-08-05 17:10 ` [RFC PATCH] convert ebt_ulog to nfnetlink_log Harald Welte
2005-08-07 21:27 ` Bart De Schuymer [this message]
2005-08-07 21:33 ` Harald Welte
2005-08-08 6:57 ` Bart De Schuymer
2005-08-08 8:16 ` Harald Welte
2005-08-08 9:06 bdschuym@pandora.be
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1123450076.3378.18.camel@localhost.localdomain \
--to=bdschuym@pandora.be \
--cc=kaber@trash.net \
--cc=laforge@gnumonks.org \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).