netfilter-devel.vger.kernel.org archive mirror
* [PATCH 1/1] netfilter: ctnetlink: send event when conntrack label was modified
@ 2013-06-21 14:51 Florian Westphal
  2013-06-24 15:09 ` Pablo Neira Ayuso
  0 siblings, 1 reply; 2+ messages in thread
From: Florian Westphal @ 2013-06-21 14:51 UTC (permalink / raw)
  To: netfilter-devel; +Cc: Florian Westphal

commit 0ceabd83875b72a29f33db4ab703d6ba40ea4c58
(netfilter: ctnetlink: deliver labels to userspace) sets the event bit
when we raced with another packet, instead of raising the event bit
when the label bit is set for the first time.

commit 9b21f6a90924dfe8e5e686c314ddb441fb06501e
(netfilter: ctnetlink: allow userspace to modify labels) forgot to update
the event mask in the "conntrack already exists" case.

Both issues result in CTA_LABELS attribute not getting included in the
conntrack event.

Signed-off-by: Florian Westphal <fw@strlen.de>
---
 net/netfilter/nf_conntrack_labels.c  |    2 +-
 net/netfilter/nf_conntrack_netlink.c |    1 +
 2 files changed, 2 insertions(+), 1 deletions(-)

diff --git a/net/netfilter/nf_conntrack_labels.c b/net/netfilter/nf_conntrack_labels.c
index 8fe2e99..355d2ef 100644
--- a/net/netfilter/nf_conntrack_labels.c
+++ b/net/netfilter/nf_conntrack_labels.c
@@ -45,7 +45,7 @@ int nf_connlabel_set(struct nf_conn *ct, u16 bit)
 	if (test_bit(bit, labels->bits))
 		return 0;
 
-	if (test_and_set_bit(bit, labels->bits))
+	if (!test_and_set_bit(bit, labels->bits))
 		nf_conntrack_event_cache(IPCT_LABEL, ct);
 
 	return 0;
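Review bot: in nf_connlabel_set(), the corrected `if (!test_and_set_bit(bit, labels->bits))` deserves a one-line comment, because the unlocked `test_bit()` early return just above it makes the second test look redundant. test_and_set_bit() returns the previous value of the bit, so only the caller that flips it from 0 to 1 should cache IPCT_LABEL, while a caller that loses the race to another packet sees a non-zero return and correctly skips the event. Saying that in the code would keep the condition from being inverted again.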
diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c
index 6d0f8a1..ecf065f 100644
--- a/net/netfilter/nf_conntrack_netlink.c
+++ b/net/netfilter/nf_conntrack_netlink.c
@@ -1825,6 +1825,7 @@ ctnetlink_new_conntrack(struct sock *ctnl, struct sk_buff *skb,
 			nf_conntrack_eventmask_report((1 << IPCT_REPLY) |
 						      (1 << IPCT_ASSURED) |
 						      (1 << IPCT_HELPER) |
+						      (1 << IPCT_LABEL) |
 						      (1 << IPCT_PROTOINFO) |
 						      (1 << IPCT_NATSEQADJ) |
 						      (1 << IPCT_MARK),
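Review bot: in the ctnetlink_new_conntrack() update path, `(1 << IPCT_LABEL)` joins a constant mask, so as far as these lines show the label event is requested on every change to an existing conntrack, whether or not the request carried CTA_LABELS. If that matches how the neighbouring IPCT_MARK and IPCT_HELPER bits are treated, a sentence in the changelog saying so would help; otherwise consider setting the bit only when labels were actually part of the request.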
-- 
1.7.8.6



* Re: [PATCH 1/1] netfilter: ctnetlink: send event when conntrack label was modified
  2013-06-21 14:51 [PATCH 1/1] netfilter: ctnetlink: send event when conntrack label was modified Florian Westphal
@ 2013-06-24 15:09 ` Pablo Neira Ayuso
  0 siblings, 0 replies; 2+ messages in thread
From: Pablo Neira Ayuso @ 2013-06-24 15:09 UTC (permalink / raw)
  To: Florian Westphal; +Cc: netfilter-devel

On Fri, Jun 21, 2013 at 04:51:30PM +0200, Florian Westphal wrote:
> commit 0ceabd83875b72a29f33db4ab703d6ba40ea4c58
> (netfilter: ctnetlink: deliver labels to userspace) sets the event bit
> when we raced with another packet, instead of raising the event bit
> when the label bit is set for the first time.
> 
> commit 9b21f6a90924dfe8e5e686c314ddb441fb06501e
> (netfilter: ctnetlink: allow userspace to modify labels) forgot to update
> the event mask in the "conntrack already exists" case.
> 
> Both issues result in CTA_LABELS attribute not getting included in the
> conntrack event.

Applied, thanks Florian.

