* [PATCH 1/2] bcma: BCMA_DRIVER_GPIO should depend on GPIOLIB instead of selecting it
From: Geert Uytterhoeven @ 2012-12-16 15:35 UTC (permalink / raw)
To: Hauke Mehrtens, Rafał Miłecki, Michael Buesch
Cc: linux-wireless, netdev, linux-kernel, Geert Uytterhoeven
Commit cf0936b06d8e98a157630e99f647e2ff6d29d7ad ("bcma: add GPIO driver")
added BCMA_DRIVER_GPIO, which unconditionally selects GPIOLIB, causing
a Kconfig warning:
warning: (ARCH_REQUIRE_GPIOLIB && SSB_DRIVER_GPIO && BCMA_DRIVER_GPIO && MFD_TC6393XB && FB_VIA) selects GPIOLIB which has unmet direct dependencies (ARCH_WANT_OPTIONAL_GPIOLIB || ARCH_REQUIRE_GPIOLIB)
and build failure for m68k/allmodconfig:
In file included from include/linux/bcma/bcma.h:8,
from drivers/bcma/bcma_private.h:9,
from drivers/bcma/main.c:9:
include/linux/bcma/bcma_driver_chipcommon.h:582: error: field ‘gpio’ has incomplete type
In file included from include/linux/bcma/bcma.h:12,
from drivers/bcma/bcma_private.h:9,
from drivers/bcma/main.c:9:
include/linux/ssb/ssb.h:440: error: field ‘gpio’ has incomplete type
make[4]: *** [drivers/bcma/main.o] Error 1
make[3]: *** [drivers/bcma/] Error 2
Turn the select into a dependency to fix this.
Signed-off-by: Geert Uytterhoeven <geert@linux-m68k.org>
---
drivers/bcma/Kconfig | 3 +--
1 files changed, 1 insertions(+), 2 deletions(-)
diff --git a/drivers/bcma/Kconfig b/drivers/bcma/Kconfig
index d7b56a8..8b4221c 100644
--- a/drivers/bcma/Kconfig
+++ b/drivers/bcma/Kconfig
@@ -67,8 +67,7 @@ config BCMA_DRIVER_GMAC_CMN
config BCMA_DRIVER_GPIO
bool "BCMA GPIO driver"
- depends on BCMA
- select GPIOLIB
+ depends on BCMA && GPIOLIB
help
Driver to provide access to the GPIO pins of the bcma bus.
--
1.7.0.4
^ permalink raw reply related
* [PATCH 2/2] ssb: SSB_DRIVER_GPIO should depend on GPIOLIB instead of selecting it
From: Geert Uytterhoeven @ 2012-12-16 15:35 UTC (permalink / raw)
To: Hauke Mehrtens, Rafał Miłecki, Michael Buesch
Cc: linux-wireless, netdev, linux-kernel, Geert Uytterhoeven
In-Reply-To: <1355672136-24808-1-git-send-email-geert@linux-m68k.org>
Commit ec43b08b5733494ad88aa618ecdf534320dd8207 ("ssb: add GPIO driver")
added SSB_DRIVER_GPIO, which unconditionally selects GPIOLIB, causing
a Kconfig warning:
warning: (ARCH_REQUIRE_GPIOLIB && SSB_DRIVER_GPIO && BCMA_DRIVER_GPIO && MFD_TC6393XB && FB_VIA) selects GPIOLIB which has unmet direct dependencies (ARCH_WANT_OPTIONAL_GPIOLIB || ARCH_REQUIRE_GPIOLIB)
and build failure for m68k/allmodconfig:
In file included from drivers/ssb/ssb_private.h:5,
from drivers/ssb/main.c:12:
include/linux/ssb/ssb.h:440: error: field ‘gpio’ has incomplete type
make[4]: *** [drivers/ssb/main.o] Error 1
make[3]: *** [drivers/ssb/] Error 2
Turn the select into a dependency to fix this.
Signed-off-by: Geert Uytterhoeven <geert@linux-m68k.org>
---
drivers/ssb/Kconfig | 3 +--
1 files changed, 1 insertions(+), 2 deletions(-)
diff --git a/drivers/ssb/Kconfig b/drivers/ssb/Kconfig
index ff3c8a2..5d6f2ec 100644
--- a/drivers/ssb/Kconfig
+++ b/drivers/ssb/Kconfig
@@ -162,8 +162,7 @@ config SSB_DRIVER_GIGE
config SSB_DRIVER_GPIO
bool "SSB GPIO driver"
- depends on SSB
- select GPIOLIB
+ depends on SSB && GPIOLIB
help
Driver to provide access to the GPIO pins on the bus.
--
1.7.0.4
^ permalink raw reply related
* [PATCH] ipv6: Fix Makefile offload objects
From: Simon Arlott @ 2012-12-16 16:47 UTC (permalink / raw)
To: David Miller; +Cc: Linux Kernel Mailing List, netdev, Vlad Yasevich
The following commit breaks IPv6 TCP transmission for me:
Commit 75fe83c32248d99e6d5fe64155e519b78bb90481
Author: Vlad Yasevich <vyasevic@redhat.com>
Date: Fri Nov 16 09:41:21 2012 +0000
ipv6: Preserve ipv6 functionality needed by NET
This patch fixes the typo "ipv6_offload" which should be
"ipv6-offload".
I don't know why not including the offload modules should
break TCP. Disabling all offload options on the NIC didn't
help. Outgoing pulseaudio traffic kept stalling.
Signed-off-by: Simon Arlott <simon@fire.lp0.eu>
---
net/ipv6/Makefile | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/net/ipv6/Makefile b/net/ipv6/Makefile
index 2068ac4..4ea2448 100644
--- a/net/ipv6/Makefile
+++ b/net/ipv6/Makefile
@@ -41,6 +41,6 @@ obj-$(CONFIG_IPV6_TUNNEL) += ip6_tunnel.o
obj-$(CONFIG_IPV6_GRE) += ip6_gre.o
obj-y += addrconf_core.o exthdrs_core.o
-obj-$(CONFIG_INET) += output_core.o protocol.o $(ipv6_offload)
+obj-$(CONFIG_INET) += output_core.o protocol.o $(ipv6-offload)
obj-$(subst m,y,$(CONFIG_IPV6)) += inet6_hashtables.o
--
1.7.8.rc3
--
Simon Arlott
^ permalink raw reply related
* Re: tc ipt action
From: Jamal Hadi Salim @ 2012-12-16 16:48 UTC (permalink / raw)
To: Hasan Chowdhury
Cc: Jan Engelhardt, Yury Stankevich, netdev@vger.kernel.org, pablo,
netfilter-devel
In-Reply-To: <CAASe=fQT2pVOK0uctdaKL+aOrF8nYeTMfoF15kmd-rC02+7Vnw@mail.gmail.com>
On 12-12-16 10:17 AM, Hasan Chowdhury wrote:
>
>
> [Hasan**] I thought "xt" is a supported action kind for
> iproute2-3.6.0. Besides with a default compilation it compiled m_xt.c
> (not m_ipt.c ) linked with shared object m_xt.so
>
It is - but my hope is not to change the interface to existing scripts.
One approach is rename "xt" to "ipt" and make the old vs new ways
mutually exclusive based on Config options. But that will add more to
baggage of all sorts of workarounds for 13 versions of iptables changing
interfaces. My goal was to have a staged way to kill the old way but
maintain the same command interface. I was hoping not to change
the kernel but based on your patch, that may be the best place to place
warnings about deprecating APIs (so maybe i will add support for "xt"
and warn about "ipt"). Would you be able to test that kernel patch?
> the workaround exits in the patch for file m_action (see the changes
> there ) as netlink reply from kernel for this tc u32 action xt command
> comes as .kind = "ipt" instead of xt (assumed act_ipt.c in kernle
> is not aware of new xt extensions .)
The most important part of your patch that i missed is you took
care of some of the new API changes Pablo mentioned. I am suspicious of
one of them: why call xtables_options_xfrm(). Pablo/Jan, could you
please look at Hasan's patch in m_xt.c?
Also, your patch doesnt compile for me. Can you please provide a version
against the latest iproute2 git tree?
cheers,
jamal
^ permalink raw reply
* Re: [PATCH] ipv6: Fix Makefile offload objects
From: Simon Arlott @ 2012-12-16 16:52 UTC (permalink / raw)
To: netdev
In-Reply-To: <50CDFB36.1020604@simon.arlott.org.uk>
[-- Attachment #1: Type: text/plain, Size: 612 bytes --]
On 16/12/12 16:47, Simon Arlott wrote:
> The following commit breaks IPv6 TCP transmission for me:
> Commit 75fe83c32248d99e6d5fe64155e519b78bb90481
> Author: Vlad Yasevich <vyasevic@redhat.com>
> Date: Fri Nov 16 09:41:21 2012 +0000
> ipv6: Preserve ipv6 functionality needed by NET
>
> This patch fixes the typo "ipv6_offload" which should be
> "ipv6-offload".
>
> I don't know why not including the offload modules should
> break TCP. Disabling all offload options on the NIC didn't
> help. Outgoing pulseaudio traffic kept stalling.
Attached packet capture (on the affected host).
--
Simon Arlott
[-- Attachment #2: tcpv6-stalls.pcap.bz2 --]
[-- Type: application/x-bzip, Size: 254391 bytes --]
^ permalink raw reply
* Re: [PATCH] build: unbreak linkage of m_xt.so
From: Jamal Hadi Salim @ 2012-12-16 17:03 UTC (permalink / raw)
To: Jan Engelhardt
Cc: stephen.hemminger, vapier, netdev, urykhy, shemonc, pablo,
netfilter-devel
In-Reply-To: <50CDA2DA.3060805@mojatatu.com>
On 12-12-16 05:30 AM, Jamal Hadi Salim wrote:
> I can confirm it builds fine for me now if i take out the hack I had and
> use this patch.
Sorry, I take what i said back and went back to explicitly adding -l
xtables. The problem is still the intepretation of tc/Makefile. Here's
the compile output.
----
gcc -Wall -Wstrict-prototypes -O2 -I../include -DRESOLVE_HOSTNAMES
-DLIBDIR=\"/usr/lib\" -DCONFDIR=\"/etc/iproute2\" -D_GNU_SOURCE
-DCONFIG_GACT -DCONFIG_GACT_PROB -DIPT_LIB_DIR=\"/lib/xtables\"
-DYY_NO_INPUT -Wl,-export-dynamic -shared -fpic -o m_xt.so m_xt.c
$(pkg-config xtables --cflags --libs)
----
Note the missing expansion.
cheers,
jamal
^ permalink raw reply
* Re: [PATCH] ipv6: Fix Makefile offload objects
From: David Miller @ 2012-12-16 17:17 UTC (permalink / raw)
To: simon; +Cc: linux-kernel, netdev, vyasevic
In-Reply-To: <50CDFB36.1020604@simon.arlott.org.uk>
From: Simon Arlott <simon@fire.lp0.eu>
Date: Sun, 16 Dec 2012 16:47:50 +0000
> The following commit breaks IPv6 TCP transmission for me:
> Commit 75fe83c32248d99e6d5fe64155e519b78bb90481
> Author: Vlad Yasevich <vyasevic@redhat.com>
> Date: Fri Nov 16 09:41:21 2012 +0000
> ipv6: Preserve ipv6 functionality needed by NET
>
> This patch fixes the typo "ipv6_offload" which should be
> "ipv6-offload".
>
> I don't know why not including the offload modules should
> break TCP. Disabling all offload options on the NIC didn't
> help. Outgoing pulseaudio traffic kept stalling.
>
> Signed-off-by: Simon Arlott <simon@fire.lp0.eu>
Applied, since the fix is so obvious.
I'll let Vlad explain why it has such an unexpected
effect.
Thanks.
^ permalink raw reply
* Re: tc ipt action
From: Jan Engelhardt @ 2012-12-16 17:21 UTC (permalink / raw)
To: Jamal Hadi Salim
Cc: Pablo Neira Ayuso, Yury Stankevich, shemonc,
netdev@vger.kernel.org, netfilter-devel
In-Reply-To: <50CDA5BE.2080800@mojatatu.com>
On Sunday 2012-12-16 11:43, Jamal Hadi Salim wrote:
> On 12-12-15 07:59 PM, Jan Engelhardt wrote:
>>
>
>> For the C level, there is XTABLES_VERSION_CODE.
>>
>> #if XTABLES_VERSION_CODE >= 6
>> if (m != NULL && m->x6_parse != NULL)
>> m->x6_parse(...)
>> #else
>> else if (m != NULL && m->parse != NULL)
>> m->parse(...)
>> ...
>>
>
> I think you are suggesting this to be done in tc. That would make it easier to
> fix.
> IMO, it is easier to keep backward compat if you left the old
> APIs around for a period of time
As you can see, the old ->parse() that goes back to libxtables.so.0
still remains. It's just that... only 5 out of 99 plugins still come
with an old parse function.
[m_xt] -> [libxtables] <- (plugins: libxt_*.so)
> and maybe log a warning that they
> will be deprecated over a period of time (sort of like kernel approach to
> changing APIs).
old parse has not entered any deprecation stage yet, since there are still
plugins out there (both the 5 and external ones) that make use of it.
Right now, both parse and x6_parse are valid.
> BTW: another interface that seems to have changed that we
> need is m->final_check().
Yes, all those with an x6_ prefix are new.
Mh, I already dream of plans reducing m_xt to something that
does not require libxtables.so anymore.
^ permalink raw reply
* Re: [PATCH] build: unbreak linkage of m_xt.so
From: Jan Engelhardt @ 2012-12-16 17:43 UTC (permalink / raw)
To: Jamal Hadi Salim
Cc: stephen.hemminger, vapier, netdev, urykhy, shemonc, pablo,
netfilter-devel
In-Reply-To: <50CDFEFB.2070208@mojatatu.com>
On Sunday 2012-12-16 18:03, Jamal Hadi Salim wrote:
> On 12-12-16 05:30 AM, Jamal Hadi Salim wrote:
>
>> I can confirm it builds fine for me now if i take out the hack I had and
>> use this patch.
>
>
> Sorry, I take what i said back and went back to explicitly adding -l xtables.
> The problem is still the intepretation of tc/Makefile. Here's the compile
> output.
> ----
> gcc -Wall -Wstrict-prototypes -O2 -I../include -DRESOLVE_HOSTNAMES
> -DLIBDIR=\"/usr/lib\" -DCONFDIR=\"/etc/iproute2\" -D_GNU_SOURCE -DCONFIG_GACT
> -DCONFIG_GACT_PROB -DIPT_LIB_DIR=\"/lib/xtables\" -DYY_NO_INPUT
> -Wl,-export-dynamic -shared -fpic -o m_xt.so m_xt.c $(pkg-config xtables
> --cflags --libs)
> ----
I saw the same during make, _but_, on running `ldd tc/m_xt.so`, I got a
libxtables.so entry, so I thought I was fine.
"$() "is something for the shell to expand, not make. See this testcase.
$ make
echo $(pkg-config xtables --cflags --libs)
-I/usr/include/iptables-1.4.16.3 -lxtables
$ cat Makefile
a:
echo $$(pkg-config xtables --cflags --libs)
^ permalink raw reply
* Re: tc ipt action
From: Jamal Hadi Salim @ 2012-12-16 17:47 UTC (permalink / raw)
To: Jan Engelhardt
Cc: Pablo Neira Ayuso, Yury Stankevich, shemonc,
netdev@vger.kernel.org, netfilter-devel
In-Reply-To: <alpine.LNX.2.01.1212161815310.27614@nerf07.vanv.qr>
On 12-12-16 12:21 PM, Jan Engelhardt wrote:
>
>
> As you can see, the old ->parse() that goes back to libxtables.so.0
> still remains. It's just that... only 5 out of 99 plugins still come
> with an old parse function.
>
I see.
So calling m->XXX may not be a wise long term solution.
Hasan's patch has a call to xtables_option_tpcall(), if that is the
right interface I hope that going forward if any of the m->parseXX
changes you will take care of hiding all that stuff.
> old parse has not entered any deprecation stage yet, since there are still
> plugins out there (both the 5 and external ones) that make use of it.
> Right now, both parse and x6_parse are valid.
>
True - but we are getting broken because we are using a call that only 5
or so users provide. It would have saved us time if we got the
a good log message instead of checking for if !m->parse()
> Yes, all those with an x6_ prefix are new.
> Mh, I already dream of plans reducing m_xt to something that
> does not require libxtables.so anymore.
>
That would be nice - but someone is going to have to link to libxtables, no?
cheers,
jamal
^ permalink raw reply
* Re: [PATCH] build: unbreak linkage of m_xt.so
From: Jamal Hadi Salim @ 2012-12-16 18:05 UTC (permalink / raw)
To: Jan Engelhardt
Cc: stephen.hemminger, vapier, netdev, urykhy, shemonc, pablo,
netfilter-devel
In-Reply-To: <alpine.LNX.2.01.1212161841070.27614@nerf07.vanv.qr>
On 12-12-16 12:43 PM, Jan Engelhardt wrote:
> On Sunday 2012-12-16 18:03, Jamal Hadi Salim wrote:
>
>
> I saw the same during make, _but_, on running `ldd tc/m_xt.so`, I got a
> libxtables.so entry, so I thought I was fine.
>
Sorry, you are right. Without your patch that doesnt happen. I had
removed the global dlopen while debugging, so it was using the wrong
m_xt.so
So my Ack is back on;->
cheers,
jamal
^ permalink raw reply
* Re: tc ipt action
From: Jamal Hadi Salim @ 2012-12-16 18:59 UTC (permalink / raw)
To: Hasan Chowdhury
Cc: Jan Engelhardt, Yury Stankevich, netdev@vger.kernel.org, pablo,
netfilter-devel
In-Reply-To: <50CDFB6A.3090806@mojatatu.com>
Hasan,
I can confirm that xtables_options_xfrm() works.
Just suspicious of that call, "xfrm" seems too specific to xfrm
subsystem but generic enough.
Dont bother resending the patch, it works right now, I am just
waiting for confirmation from Pablo/Jan and i will proceed from there.
I am also still struggling with whether to add your intermediate
solution to rename the xt->ipt.
I think i will go ahead and add a kernel change.
cheers,
jamal
^ permalink raw reply
* Re: tc ipt action
From: Jan Engelhardt @ 2012-12-16 18:59 UTC (permalink / raw)
To: Jamal Hadi Salim
Cc: Pablo Neira Ayuso, Yury Stankevich, shemonc,
netdev@vger.kernel.org, netfilter-devel
In-Reply-To: <50CE0921.7060306@mojatatu.com>
On Sunday 2012-12-16 18:47, Jamal Hadi Salim wrote:
>
>> old parse has not entered any deprecation stage yet, since there are still
>> plugins out there (both the 5 and external ones) that make use of it.
>> Right now, both parse and x6_parse are valid.
>
> True - but we are getting broken because we are using a call that only 5 or so
> users provide. It would have saved us time if we got the
> a good log message instead of checking for if !m->parse()
A certainly safe bet would be to write, at the top of tc/m_xt.c,
#if XTABLES_VERSION_CODE > 9
# error Someone call the guy who changed iptables and \
make him fix it^W^W^W^W say you need help.
#endif
Then I would automatically notify myself of "oh I need fix that too" when I
feed any new releases of {iptables, iproute} through the Open Build Service.
>> Yes, all those with an x6_ prefix are new.
>> Mh, I already dream of plans reducing m_xt to something that
>> does not require libxtables.so anymore.
>
> That would be nice - but someone is going to have to link to libxtables, no?
I hope the complete opposite.
The following is a rough, it-compiles, untested never-run, draft of a
module. The vision here is that userspace only ever sends a chain
name to the kernel. The git tree/branch for it is
git://git.inai.de/linux xt2-pktsched
commit 42c559c148cbbc22bf2cc29f2ad08bc330891838
net_sched: act: new action to call into Xtables2 chains
include/net/netfilter/xt_core.h | 8 ++
include/uapi/linux/tc_act/tc_ipt.h | 2 +
net/netfilter/xt_core.c | 3 +-
net/sched/Kconfig | 9 ++
net/sched/Makefile | 1 +
net/sched/act_xtables.c | 238 ++++++++++++++++++++++++++++++++++++
6 files changed, 260 insertions(+), 1 deletion(-)
^ permalink raw reply
* Re: tc ipt action
From: Jan Engelhardt @ 2012-12-16 19:13 UTC (permalink / raw)
To: Jamal Hadi Salim
Cc: Hasan Chowdhury, Yury Stankevich, netdev@vger.kernel.org, pablo,
netfilter-devel
In-Reply-To: <50CE1A04.1000405@mojatatu.com>
On Sunday 2012-12-16 19:59, Jamal Hadi Salim wrote:
> Hasan,
>
> I can confirm that xtables_options_xfrm() works.
> Just suspicious of that call, "xfrm" seems too specific to xfrm
> subsystem but generic enough.
Heh, nah.
"xfrm" is one of these pictogram-based abbreviations like "xing" (the
thing they paint on roads/signs), apparently standing for "trans"form
and "cross"ing, respectively, though 'x' is ambiguous and open to a lot
of other interpretations.
^ permalink raw reply
* Re: tc ipt action
From: Jamal Hadi Salim @ 2012-12-16 20:35 UTC (permalink / raw)
To: Jan Engelhardt
Cc: Pablo Neira Ayuso, Yury Stankevich, shemonc,
netdev@vger.kernel.org, netfilter-devel
In-Reply-To: <alpine.LNX.2.01.1212161850530.27614@nerf07.vanv.qr>
On 12-12-16 01:59 PM, Jan Engelhardt wrote:
>
>
> A certainly safe bet would be to write, at the top of tc/m_xt.c,
>
> #if XTABLES_VERSION_CODE > 9
> # error Someone call the guy who changed iptables and \
> make him fix it^W^W^W^W say you need help.
> #endif
>
Excellent idea ;->
> The following is a rough, it-compiles, untested never-run, draft of a
> module. The vision here is that userspace only ever sends a chain
> name to the kernel. The git tree/branch for it is
>
> git://git.inai.de/linux xt2-pktsched
>
> commit 42c559c148cbbc22bf2cc29f2ad08bc330891838
>
I'll look at it later - very slow connection at the moment so cloning
will take a while.
cheers,
jamal
^ permalink raw reply
* Re: tc ipt action
From: Jamal Hadi Salim @ 2012-12-16 20:36 UTC (permalink / raw)
To: Jan Engelhardt
Cc: Hasan Chowdhury, Yury Stankevich, netdev@vger.kernel.org, pablo,
netfilter-devel
In-Reply-To: <alpine.LNX.2.01.1212162003340.27614@nerf07.vanv.qr>
On 12-12-16 02:13 PM, Jan Engelhardt wrote:
>
> "xfrm" is one of these pictogram-based abbreviations like "xing" (the
> thing they paint on roads/signs), apparently standing for "trans"form
> and "cross"ing, respectively, though 'x' is ambiguous and open to a lot
> of other interpretations.
Ok, In that case i'll push half of Hasan's patch. I have a kernel change
that works with it.
cheers,
jamal
^ permalink raw reply
* [PATCH] iproute2: act_ipt fix xtables breakage
From: Jamal Hadi Salim @ 2012-12-16 20:41 UTC (permalink / raw)
To: Stephen Hemminger
Cc: Hasan Chowdhury, Jan Engelhardt, Yury Stankevich,
netdev@vger.kernel.org, pablo, netfilter-devel
In-Reply-To: <alpine.LNX.2.01.1212162003340.27614@nerf07.vanv.qr>
[-- Attachment #1: Type: text/plain, Size: 307 bytes --]
Attached.
I am going to send a kernel patch as well.
There is an "intermediate solution" from Hasan which doesnt require
the kernel change. It changes the kernel endpoint to "ipt". I am
conflicted because it is a quick hack while otoh forcing people to
upgrade kernel is a usability issue.
cheers,
jamal
[-- Attachment #2: patch-xt --]
[-- Type: text/plain, Size: 4163 bytes --]
commit ff707eaa1fd51435958ae2afcd09d4b3600160b4
Author: Hasan Chowdhury <shemonc@gmail.com>
Date: Sun Dec 16 14:09:38 2012 -0500
Fixes breakage with xtables API starting with version 1.4.10
Signed-off-by: Hasan Chowdhury <shemonc@gmail.com>
Signed-off-by: Jamal Hadi Salim <jhs@mojatatu.com>
diff --git a/tc/m_xt.c b/tc/m_xt.c
index bcc4d75..e1c3f38 100644
--- a/tc/m_xt.c
+++ b/tc/m_xt.c
@@ -118,6 +118,7 @@ static int parse_ipt(struct action_util *a,int *argc_p,
struct xtables_target *m = NULL;
struct ipt_entry fw;
struct rtattr *tail;
+
int c;
int rargc = *argc_p;
char **argv = *argv_p;
@@ -126,6 +127,7 @@ static int parse_ipt(struct action_util *a,int *argc_p,
int size = 0;
int iok = 0, ok = 0;
__u32 hook = 0, index = 0;
+ struct option *opts = NULL;
xtables_init_all(&tcipt_globals, NFPROTO_IPV4);
set_lib_dir();
@@ -158,14 +160,22 @@ static int parse_ipt(struct action_util *a,int *argc_p,
printf(" %s error \n", m->name);
return -1;
}
- tcipt_globals.opts =
- xtables_merge_options(
#if (XTABLES_VERSION_CODE >= 6)
- tcipt_globals.orig_opts,
+ opts = xtables_options_xfrm(tcipt_globals.orig_opts,
+ tcipt_globals.opts,
+ m->x6_options,
+ &m->option_offset);
+#else
+ opts = xtables_merge_options(tcipt_globals.orig_opts,
+ tcipt_globals.opts,
+ m->extra_opts,
+ &m->option_offset);
#endif
- tcipt_globals.opts,
- m->extra_opts,
- &m->option_offset);
+ if (opts == NULL) {
+ fprintf(stderr, " failed to find aditional options for target %s\n\n", optarg);
+ return -1;
+ } else
+ tcipt_globals.opts = opts;
} else {
fprintf(stderr," failed to find target %s\n\n", optarg);
return -1;
@@ -175,17 +185,21 @@ static int parse_ipt(struct action_util *a,int *argc_p,
default:
memset(&fw, 0, sizeof (fw));
- if (m) {
- m->parse(c - m->option_offset, argv, 0,
- &m->tflags, NULL, &m->t);
+#if (XTABLES_VERSION_CODE >= 6)
+ if (m != NULL && m->x6_parse != NULL ) {
+ xtables_option_tpcall(c, argv, 0 , m, NULL);
+#else
+ if (m != NULL && m->parse != NULL ) {
+ m->parse(c - m->option_offset, argv, 0, &m->tflags,
+ NULL, &m->t);
+#endif
} else {
- fprintf(stderr," failed to find target %s\n\n", optarg);
+ fprintf(stderr,"failed to find target %s\n\n", optarg);
return -1;
}
ok++;
break;
-
}
}
@@ -208,8 +222,13 @@ static int parse_ipt(struct action_util *a,int *argc_p,
}
/* check that we passed the correct parameters to the target */
+#if (XTABLES_VERSION_CODE >= 6)
+ if (m)
+ xtables_option_tfcall(m);
+#else
if (m && m->final_check)
m->final_check(m->tflags);
+#endif
{
struct tcmsg *t = NLMSG_DATA(n);
@@ -271,6 +290,7 @@ print_ipt(struct action_util *au,FILE * f, struct rtattr *arg)
{
struct rtattr *tb[TCA_IPT_MAX + 1];
struct xt_entry_target *t = NULL;
+ struct option *opts = NULL;
if (arg == NULL)
return -1;
@@ -309,14 +329,22 @@ print_ipt(struct action_util *au,FILE * f, struct rtattr *arg)
return -1;
}
- tcipt_globals.opts =
- xtables_merge_options(
#if (XTABLES_VERSION_CODE >= 6)
- tcipt_globals.orig_opts,
+ opts = xtables_options_xfrm(tcipt_globals.orig_opts,
+ tcipt_globals.opts,
+ m->x6_options,
+ &m->option_offset);
+#else
+ opts = xtables_merge_options(tcipt_globals.orig_opts,
+ tcipt_globals.opts,
+ m->extra_opts,
+ &m->option_offset);
#endif
- tcipt_globals.opts,
- m->extra_opts,
- &m->option_offset);
+ if (opts == NULL) {
+ fprintf(stderr, " failed to find aditional options for target %s\n\n", optarg);
+ return -1;
+ } else
+ tcipt_globals.opts = opts;
} else {
fprintf(stderr, " failed to find target %s\n\n",
t->u.user.name);
@@ -355,4 +383,3 @@ struct action_util xt_action_util = {
.parse_aopt = parse_ipt,
.print_aopt = print_ipt,
};
-
^ permalink raw reply related
* Re: tc ipt action
From: Jan Engelhardt @ 2012-12-16 21:21 UTC (permalink / raw)
To: Jamal Hadi Salim
Cc: Pablo Neira Ayuso, Yury Stankevich, shemonc,
netdev@vger.kernel.org, netfilter-devel
In-Reply-To: <50CE307E.40304@mojatatu.com>
On Sunday 2012-12-16 21:35, Jamal Hadi Salim wrote:
>> git://git.inai.de/linux xt2-pktsched
>> commit 42c559c148cbbc22bf2cc29f2ad08bc330891838
>
> I'll look at it later - very slow connection at the moment so cloning will take
> a while.
If you have a preexisting clone of any linux tree, you can utilize
`git remote add ...` to only grab the deltas.
^ permalink raw reply
* Re: [PATCH] add a `make dist` helper
From: Mike Frysinger @ 2012-12-16 21:57 UTC (permalink / raw)
To: Stephen Hemminger; +Cc: Stephen Hemminger, netdev
In-Reply-To: <20121214090935.7d1706fd@nehalam.linuxnetplumber.net>
[-- Attachment #1: Type: Text/Plain, Size: 380 bytes --]
On Friday 14 December 2012 12:09:35 Stephen Hemminger wrote:
> On Thu, 13 Dec 2012 23:16:10 -0800 Stephen Hemminger wrote:
> > I appreciate the effort but there are a number of more steps to doing a
> > release and I need to script them all together.
np
> The tarball's have been rebased, and I built a iproute2-release script for
> next time.
commit it to the tree ? :)
-mike
[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 836 bytes --]
^ permalink raw reply
* Re: [PATCH] build: unbreak linkage of m_xt.so
From: Mike Frysinger @ 2012-12-16 22:02 UTC (permalink / raw)
To: Jan Engelhardt
Cc: stephen.hemminger, netdev, jhs, urykhy, shemonc, pablo,
netfilter-devel
In-Reply-To: <1355617968-26138-1-git-send-email-jengelh@inai.de>
[-- Attachment #1: Type: Text/Plain, Size: 792 bytes --]
On Saturday 15 December 2012 19:32:48 Jan Engelhardt wrote:
> --- a/configure
> +++ b/configure
> @@ -4,7 +4,6 @@
> INCLUDE=${1:-"$PWD/include"}
>
> : ${PKG_CONFIG:=pkg-config}
> : ${CC=gcc}
>
> -echo "PKG_CONFIG:=${PKG_CONFIG}" >>Config
>
> # Make a temp directory in build tree.
> TMPDIR=$(mktemp -d config.XXXXXX)
> @@ -224,6 +223,7 @@ rm -f $TMPDIR/ipsettest.c $TMPDIR/ipsettest
> }
>
> echo "# Generated config based on" $INCLUDE >Config
> +echo "PKG_CONFIG:=${PKG_CONFIG}" >>Config
>
> echo "TC schedulers"
the use of un-indented shell functions makes the code read in a way it doesn't
actually execute. i'd suggest moving this logic into a function to match
existing style rather than simply moving the Config write. i'll post a patch.
-mike
[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 836 bytes --]
^ permalink raw reply
* [PATCH 1/3] configure: move toolchain init to a function
From: Mike Frysinger @ 2012-12-16 22:09 UTC (permalink / raw)
To: stephen.hemminger, netdev; +Cc: jengelh
The layout of this file uses functions to update Config. Move the
toolchain logic to the same style to fix setting the vars in Config.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
---
configure | 12 +++++++++---
1 file changed, 9 insertions(+), 3 deletions(-)
diff --git a/configure b/configure
index 9912114..ea1038d 100755
--- a/configure
+++ b/configure
@@ -2,14 +2,19 @@
# This is not an autconf generated configure
#
INCLUDE=${1:-"$PWD/include"}
-: ${PKG_CONFIG:=pkg-config}
-: ${CC=gcc}
-echo "PKG_CONFIG:=${PKG_CONFIG}" >>Config
# Make a temp directory in build tree.
TMPDIR=$(mktemp -d config.XXXXXX)
trap 'status=$?; rm -rf $TMPDIR; exit $status' EXIT HUP INT QUIT TERM
+check_toolchain()
+{
+: ${PKG_CONFIG:=pkg-config}
+: ${CC=gcc}
+echo "CC:=${CC}" >>Config
+echo "PKG_CONFIG:=${PKG_CONFIG}" >>Config
+}
+
check_atm()
{
cat >$TMPDIR/atmtest.c <<EOF
@@ -224,6 +229,7 @@ rm -f $TMPDIR/ipsettest.c $TMPDIR/ipsettest
}
echo "# Generated config based on" $INCLUDE >Config
+check_toolchain
echo "TC schedulers"
--
1.8.0
^ permalink raw reply related
* [PATCH 2/3] lib: include the Config file too
From: Mike Frysinger @ 2012-12-16 22:09 UTC (permalink / raw)
To: stephen.hemminger, netdev; +Cc: jengelh
In-Reply-To: <1355695757-9957-1-git-send-email-vapier@gentoo.org>
The lib makefile doesn't include Config which means it misses
setting up toolchain vars that it includes.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
---
lib/Makefile | 2 ++
1 file changed, 2 insertions(+)
diff --git a/lib/Makefile b/lib/Makefile
index bfbe672..a42b885 100644
--- a/lib/Makefile
+++ b/lib/Makefile
@@ -1,3 +1,5 @@
+include ../Config
+
CFLAGS += -fPIC
UTILOBJ=utils.o rt_names.o ll_types.o ll_proto.o ll_addr.o inet_proto.o
--
1.8.0
^ permalink raw reply related
* [PATCH 3/3] configure: pull AR from the env too
From: Mike Frysinger @ 2012-12-16 22:09 UTC (permalink / raw)
To: stephen.hemminger, netdev; +Cc: jengelh
In-Reply-To: <1355695757-9957-1-git-send-email-vapier@gentoo.org>
This matches the existing CC behavior.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
---
configure | 2 ++
1 file changed, 2 insertions(+)
diff --git a/configure b/configure
index ea1038d..7c2db9b 100755
--- a/configure
+++ b/configure
@@ -10,7 +10,9 @@ trap 'status=$?; rm -rf $TMPDIR; exit $status' EXIT HUP INT QUIT TERM
check_toolchain()
{
: ${PKG_CONFIG:=pkg-config}
+: ${AR=ar}
: ${CC=gcc}
+echo "AR:=${AR}" >>Config
echo "CC:=${CC}" >>Config
echo "PKG_CONFIG:=${PKG_CONFIG}" >>Config
}
--
1.8.0
^ permalink raw reply related
* Re: [PATCH v2] netfilter: nf_nat: Also handle non-ESTABLISHED routing changes in MASQUERADE
From: Pablo Neira Ayuso @ 2012-12-16 22:33 UTC (permalink / raw)
To: Jozsef Kadlecsik; +Cc: Andrew Collins, netfilter-devel, netdev
In-Reply-To: <alpine.DEB.2.00.1212130918410.2048@blackhole.kfki.hu>
On Thu, Dec 13, 2012 at 09:19:27AM +0100, Jozsef Kadlecsik wrote:
> On Wed, 12 Dec 2012, Andrew Collins wrote:
>
> > The MASQUERADE target now handles routing changes which affect
> > the output interface of a connection, but only for ESTABLISHED
> > connections. It is also possible for NEW connections which
> > already have a conntrack entry to be affected by routing changes.
> >
> > This adds a check to drop entries in the NEW+conntrack state
> > when the oif has changed.
> >
> > Signed-off-by: Andrew Collins <bsderandrew@gmail.com>
>
> Acked-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Applied, thanks guys.
^ permalink raw reply
* Re: [PATCH] Fix comment for packets without data
From: Pablo Neira Ayuso @ 2012-12-16 22:38 UTC (permalink / raw)
To: Rick Jones; +Cc: Florent Fourcot, yoshfuji, netdev, netfilter-devel
In-Reply-To: <50CB9A16.1090006@hp.com>
On Fri, Dec 14, 2012 at 01:28:54PM -0800, Rick Jones wrote:
> On 12/14/2012 02:53 AM, Florent Fourcot wrote:
> >Remove ambiguity of double negation
> >
> >Signed-off-by: Florent Fourcot <florent.fourcot@enst-bretagne.fr>
> >---
> > net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c | 4 ++--
> > 1 file changed, 2 insertions(+), 2 deletions(-)
> >
> >diff --git a/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c b/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c
> >index 00ee17c..137e245 100644
> >--- a/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c
> >+++ b/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c
> >@@ -81,8 +81,8 @@ static int ipv6_get_l4proto(const struct sk_buff *skb, unsigned int nhoff,
> > }
> > protoff = ipv6_skip_exthdr(skb, extoff, &nexthdr, &frag_off);
> > /*
> >- * (protoff == skb->len) mean that the packet doesn't have no data
> >- * except of IPv6 & ext headers. but it's tracked anyway. - YK
> >+ * (protoff == skb->len) means the packet has not data, just
> >+ * IPv6 and possibly extensions headers, but it is tracked anyway
> > */
> > if (protoff < 0 || (frag_off & htons(~0x7)) != 0) {
> > pr_debug("ip6_conntrack_core: can't find proto in pkt\n");
> >
>
> Acked-by: Rick Jones <rick.jones2@hp.com>
Applied, thanks.
That was many discussion for a patch to fix a comment, nice indeed :-)
^ permalink raw reply
page: next (older) | prev (newer) | latest
- recent:[subjects (threaded)|topics (new)|topics (active)]
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox