netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* Problem using iptables MARK from tc.
@ 2009-01-06 13:24 Andreas Henriksson
  2009-01-12  4:10 ` Patrick McHardy
  0 siblings, 1 reply; 2+ messages in thread
From: Andreas Henriksson @ 2009-01-06 13:24 UTC (permalink / raw)
  To: Patrick McHardy; +Cc: netdev

Hello Patrick and co.

I was hoping you might have some time to help out with a problem in tc
related to iptables modules. A bit of historical knowledge about
libipt_MARK.c is probably useful.

The full bug-report is available at:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=510924

In iproute2's tc/m_ipt.c there's a function called get_target_name with
some logic to look up a symbol with the same name as the so-file. (ie.
"mark" for libipt_MARK.so or libxt_MARK.so).
There seems to have been a structure with that name in the past, but
nowadays there are several ones which are jacked in with a registration
hook.

Does this sound about right? Do you have any suggestions on how the tc
modules functionality could be fixed up to find what it needs properly?
The structures doesn't even seem to be exported in the ABI anymore...

-- 
Regards,
Andreas Henriksson

^ permalink raw reply	[flat|nested] 2+ messages in thread
* Re: Problem using iptables MARK from tc.
  2009-01-06 13:24 Problem using iptables MARK from tc Andreas Henriksson
@ 2009-01-12  4:10 ` Patrick McHardy
  0 siblings, 0 replies; 2+ messages in thread
From: Patrick McHardy @ 2009-01-12  4:10 UTC (permalink / raw)
  To: Andreas Henriksson; +Cc: netdev

Andreas Henriksson wrote:
> Hello Patrick and co.
> 
> I was hoping you might have some time to help out with a problem in tc
> related to iptables modules. A bit of historical knowledge about
> libipt_MARK.c is probably useful.
> 
> The full bug-report is available at:
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=510924
> 
> In iproute2's tc/m_ipt.c there's a function called get_target_name with
> some logic to look up a symbol with the same name as the so-file. (ie.
> "mark" for libipt_MARK.so or libxt_MARK.so).
> There seems to have been a structure with that name in the past, but
> nowadays there are several ones which are jacked in with a registration
> hook.
> 
> Does this sound about right? Do you have any suggestions on how the tc
> modules functionality could be fixed up to find what it needs properly?
> The structures doesn't even seem to be exported in the ABI anymore...

We've added a shared library to iptables so m_ipt doesn't have
to reimplement things, which is pretty much guaranteed to break
occasionally. It doesn't contain all the functionality thats
needed yet, but it should be fairly easy to add. Most likely
you just need to move the code around.


^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2009-01-12  4:10 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2009-01-06 13:24 Problem using iptables MARK from tc Andreas Henriksson
2009-01-12  4:10 ` Patrick McHardy

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).