From: Patrick McHardy <kaber@trash.net>
To: Thomas Graf <tgraf@suug.ch>
Cc: jamal <hadi@cyberus.ca>, netdev@oss.sgi.com
Subject: Re: [RFC] meta ematch
Date: Fri, 14 Jan 2005 02:13:40 +0100 [thread overview]
Message-ID: <41E71CC4.3020102@trash.net> (raw)
In-Reply-To: <20050113192047.GQ26856@postel.suug.ch>
Thomas Graf wrote:
>* Patrick McHardy <41E6C3E5.2020908@trash.net> 2005-01-13 19:54
>
>
>
>>Looks great. I have a few doubts about about the set of chosen values
>>though. Things like nf_debug and nf_cache were never meant to be
>>userspace-visible. What about backwards compatibility if we want to
>>remove it, or some other more meaningful value where just returning 0
>>wouldn't be the same ?
>>
>>
>
>It is indeed problematic and they should be marked as "for debugging
>purposes (unreliable)" but at least nf_debug and nfctinfo are
>very useful for debugging.
>
True. nfctinfo is even useful for more, the direction of a connection
might be interesting. connmark, conntrack counters, src-ip before SNAT
etc. might also be interesting, but they are horrible to implement cleanly
because any dependency on ip_conntrack_lock will automatically load
ip_conntrack. Perhaps we should add something like nf_ct_get_afinfo() to
return a set of conntrack operations to nf_conntrack.
For things beside the nf* fields: I think we should make it very clear
that everything that isn't already visible to userspace in some way, and
thus won't disappear (like priority, nfmark, load average ...), can get
changed/removed any time.
>>- var_dev sets dst->value to dev->name, meta_var_destroy will try to
>> free dev->name.
>>
>>
>
>The `dst` meta_value is the l_value/r_lvalue from em_meta_match and
>never gets destroyed. I reused meta_data to store address & length.
>It might be a good idea to make a new struct for this to make it
>more readable though.
>
Looks good to me already. I only looked at the diff, so I didn't really
follow the codepath.
>>- meta_int_change only uses 32 bit, but dst->value is unsigned long
>> (64 bit on 64-bit arches). nfmark for example is unsigned long, so
>> you should also use *(unsigned long *).
>>
>>
>
>Doesn't work when size of long differs between kernel and userspace.
>I'm aware of this but it seems everyone is using int anyway for nfmark,
>so yes this indeed limits the use of nfmark match to only 32 bits
>on 64bit machines. The proper way is to introduce a new type
>TCF_EM_TYPE_INT64 and access nfmark over it but I didn't want to
>create a new type just because of this special case. We can always
>add it later as addition to the 32bit version.
>
>
Shouldn't be too hard to get right. In the kernel you can decide based
on RTA_PAYLOAD. Userspace needs some other way to notice it is running
as a 32-bit binary on a 64-bit kernel, but that's something you can't
solve in the kernel anyway.
Regards
Patrick
next prev parent reply other threads:[~2005-01-14 1:13 UTC|newest]
Thread overview: 44+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-01-03 12:56 [RFC] ematch API, u32 ematch, nbyte ematch, basic classifier Thomas Graf
2005-01-04 4:13 ` jamal
2005-01-04 12:03 ` Thomas Graf
2005-01-04 13:19 ` jamal
2005-01-04 13:46 ` Thomas Graf
2005-01-04 12:27 ` Thomas Graf
2005-01-04 13:22 ` jamal
2005-01-04 13:41 ` Thomas Graf
2005-01-05 2:54 ` jamal
2005-01-05 11:09 ` Thomas Graf
2005-01-04 22:36 ` Thomas Graf
2005-01-05 3:12 ` jamal
2005-01-05 11:00 ` Thomas Graf
2005-01-05 13:33 ` jamal
2005-01-05 14:45 ` Thomas Graf
2005-01-05 16:48 ` Thomas Graf
2005-01-06 14:03 ` jamal
2005-01-06 13:47 ` jamal
2005-01-06 19:41 ` Thomas Graf
2005-01-07 13:45 ` jamal
2005-01-08 14:54 ` Thomas Graf
2005-01-10 13:26 ` jamal
2005-01-10 21:17 ` Thomas Graf
2005-01-10 22:05 ` jamal
2005-01-10 23:30 ` Thomas Graf
2005-01-13 17:41 ` [RFC] meta ematch Thomas Graf
2005-01-13 18:54 ` Patrick McHardy
2005-01-13 19:20 ` Thomas Graf
2005-01-14 1:13 ` Patrick McHardy [this message]
2005-01-14 15:14 ` Thomas Graf
2005-01-16 14:58 ` jamal
2005-01-16 15:09 ` Thomas Graf
2005-01-16 15:37 ` jamal
2005-01-16 15:57 ` Thomas Graf
2005-01-16 16:19 ` jamal
2005-01-16 16:49 ` Thomas Graf
2005-01-16 16:11 ` jamal
2005-01-16 16:32 ` Thomas Graf
2005-01-16 17:18 ` jamal
2005-01-16 18:47 ` Thomas Graf
2005-01-16 16:32 ` Patrick McHardy
2005-01-16 17:24 ` jamal
2005-01-05 13:32 ` [RFC] ematch API, u32 ematch, nbyte ematch, basic classifier Florian Weimer
2005-01-05 13:45 ` jamal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=41E71CC4.3020102@trash.net \
--to=kaber@trash.net \
--cc=hadi@cyberus.ca \
--cc=netdev@oss.sgi.com \
--cc=tgraf@suug.ch \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).