From: jamal <hadi@cyberus.ca>
To: Julian Anastasov <ja@ssi.bg>
Cc: Donald Becker <becker@scyld.com>,
Ben Greear <greearb@candelatech.com>,
Jeff Garzik <jgarzik@pobox.com>,
Alexandre Cassen <Alexandre.Cassen@wanadoo.fr>,
"" <netdev@oss.sgi.com>
Subject: Re: SIOCADDMULTI for unicast broken
Date: Mon, 6 Jan 2003 12:23:19 -0500 (EST) [thread overview]
Message-ID: <20030106121218.R57730@shell.cyberus.ca> (raw)
In-Reply-To: <Pine.LNX.4.44.0301061624070.24805-100000@l>
Julian,
On Mon, 6 Jan 2003, Julian Anastasov wrote:
>
> Hello,
>
> On Mon, 6 Jan 2003, jamal wrote:
>
> > > May be sort of: ... alter andmask 0xFF00 xormask 0x0023 at -4 ...
> > > i.e. syntax similar to ipchains TOS and u32 match.
> >
> > I wanted to use u32 as the basis; which means u32 type matching is needed.
> > then use vi/sed type substitution s/OL/V where:
> > O = offset (from skb->data, could be -ve),
>
> IMO, using skb->nh.raw as basis is preferred. By this way
> the filters can be used from different places in the net stack.
Makes sense, let me think about it more and maybe experiment.
"different places in the stack"? I was thinking only ingress or egress.
>
> > L = length (cant go beyond head or end),
> > V is a static value configured (its size cant exceed L). V can also
> > be computed off something example the data at offset O. I am trying to
> > keep away from situations where L is larger or smaller than sizeof V
> > so theres no mucking with any of the skb pointers ore reallocing etc. In
>
> Yes, changing skb len is problematic mostly for TCP. As
> for L and V: I assume they are HEX digits or there will be a way
> to encode alphanumeric chars?
>
We leave that to user space. User space can translate from strings for
example into hex. But yes, hex should be the default as is now.
> > the next iteration things could change. Note i havent written this but
> > will in the near future (so anyone is welcome to hack on it)
> > I didnt understand your andmask and xormask idea...
>
> The above example:
>
> - goto word at offset -4
> - AND the 2 bytes with FF00
> - XOR the 2 bytes with 0023
>
> AND+XOR allow any operations for bits:
>
> 1) preserving (AND 1 XOR 0)
> 2) inverting (AND 1 XOR 1)
> 3) setting (AND 0 XOR 1)
> 4) clearing (AND 0 XOR 0)
>
Ok, makes sense and oughta be used.
> > u32 needs to be taught about ARP so it can understand different
> > ARP header bits like sip (shouldnt be that difficult)
>
> Yes, we can teach u32 to know about ARP offsets,
> ethhdr offsets...
ethheaders are i think generic enough to be done first.
>
> > I plan to move ingress to below IP just before the bridging and tap
> > code; experiments shows this works just fine.
> > So all the filters + edits going there should work fine. Thoughts?
>
> I assume just after skb->nh.raw = skb->data;
> Also, before or after deliver to ptype_all?
yes before ptype_all i.e the first thing. But it could be a
programmability thing where you at least allow ptype_all to see things.
>
> I see one problem: egress is called after all csum calcs,
> bad for IP (if tc is going to damage the payload), good for ethhdr, ARP.
>
well unless you pass options to recalculate csums or make csum an
action by itself. I am thinking of "auxillary" actions which could
be done by all actions - this could be one of them; logging is another;
"change classid" is another.
Lets take this discussion offline, i think we have exceeded the topic
that started it all and people are hitting "D"s.
cheers,
jamal
next prev parent reply other threads:[~2003-01-06 17:23 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-01-03 21:46 SIOCADDMULTI for unicast broken jamal
2003-01-04 0:07 ` Donald Becker
2003-01-04 1:18 ` Jeff Garzik
2003-01-04 1:39 ` Donald Becker
2003-01-04 1:45 ` Ben Greear
2003-01-04 1:52 ` Jeff Garzik
2003-01-06 15:00 ` Krzysztof Halasa
2003-01-04 2:18 ` Donald Becker
2003-01-04 4:11 ` jamal
2003-01-04 6:33 ` Donald Becker
2003-01-04 17:41 ` jamal
2003-01-04 18:24 ` Donald Becker
2003-01-04 18:55 ` jamal
2003-01-04 18:36 ` Julian Anastasov
2003-01-04 19:04 ` jamal
2003-01-05 11:45 ` Julian Anastasov
2003-01-06 13:44 ` jamal
2003-01-06 15:00 ` Julian Anastasov
2003-01-06 17:23 ` jamal [this message]
2003-01-04 7:32 ` Jeff Garzik
2003-01-04 17:43 ` jamal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20030106121218.R57730@shell.cyberus.ca \
--to=hadi@cyberus.ca \
--cc=Alexandre.Cassen@wanadoo.fr \
--cc=becker@scyld.com \
--cc=greearb@candelatech.com \
--cc=ja@ssi.bg \
--cc=jgarzik@pobox.com \
--cc=netdev@oss.sgi.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).