From: Pablo Neira Ayuso <pablo@netfilter.org>
To: netfilter-devel@vger.kernel.org
Cc: kaber@trash.net
Subject: [PATCH 0/7] libnftnl updates
Date: Wed, 26 Feb 2014 02:51:52 +0100 [thread overview]
Message-ID: <1393379519-16189-1-git-send-email-pablo@netfilter.org> (raw)
This batch contains updates for libnftnl:
* add implicit bugtrap for undefined set operations. Gcc will spot a
compilation warning if attribute is not defined in the switch in
nft_*_attr_set.
* add assertion infrastructure to validate attribute size.
* Add nft_*_attr_{set|get}_data to allow setting data of variable length.
This includes validation of the attribute size. This new interface
supersedes nft_*_attr_{set|get}. It is required by the per-rule
userdata infrastructure.
* Fix wrong family attribute type uncovered by the validation added +
existing test infrastructure.
* Get in sync with current linux kernel header (as of 3.14-rc).
* Simplify the overly complicated nft-rule-add example. This should help
to merge the nft-rule-insert example into nft-rule-add.
* add support for NFT_RULE_ATTR_USERDATA, which allows nft to attach
human-readable comments.
Pablo Neira Ayuso (7):
src: early attribute type validation in nft_*_attr_set
src: add assertion infrastructure to validate attribute types
src: add nft_*_attr_{set|get}_data interface
src: fix wrong type in NFT_ATTR_*_FAMILY
include: get linux/netfilter/nf_tables.h in sync with kernel header
example: nft-rule-add: simplify example
rule: add NFT_RULE_ATTR_USERDATA support
Make_global.am | 2 +-
examples/nft-rule-add.c | 86 ++++++++----------------
include/libnftnl/chain.h | 6 ++
include/libnftnl/expr.h | 2 +
include/libnftnl/rule.h | 7 ++
include/libnftnl/set.h | 6 ++
include/libnftnl/table.h | 6 ++
include/linux/netfilter/nf_tables.h | 8 ++-
src/chain.c | 83 ++++++++++++++++++-----
src/internal.h | 13 ++++
src/libnftnl.map | 11 +++
src/rule.c | 125 +++++++++++++++++++++++++++++++----
src/set.c | 47 +++++++++++--
src/table.c | 50 ++++++++++----
src/utils.c | 7 ++
tests/nft-chain-test.c | 6 +-
tests/nft-expr_ct-test.c | 6 +-
tests/nft-expr_exthdr-test.c | 6 +-
tests/nft-expr_meta-test.c | 4 +-
tests/nft-table-test.c | 6 +-
20 files changed, 368 insertions(+), 119 deletions(-)
--
1.7.10.4
next reply other threads:[~2014-02-26 1:52 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-02-26 1:51 Pablo Neira Ayuso [this message]
2014-02-26 1:51 ` [PATCH 1/7] src: early attribute type validation in nft_*_attr_set Pablo Neira Ayuso
2014-02-26 1:51 ` [PATCH 2/7] src: add assertion infrastructure to validate attribute types Pablo Neira Ayuso
2014-02-26 1:51 ` [PATCH 3/7] src: add nft_*_attr_{set|get}_data interface Pablo Neira Ayuso
2014-02-26 1:51 ` [PATCH 4/7] src: fix wrong type in NFT_ATTR_*_FAMILY Pablo Neira Ayuso
2014-02-26 1:51 ` [PATCH 5/7] include: get linux/netfilter/nf_tables.h in sync with kernel header Pablo Neira Ayuso
2014-02-26 1:51 ` [PATCH 6/7] example: nft-rule-add: simplify example Pablo Neira Ayuso
2014-02-26 1:51 ` [PATCH 7/7] rule: add NFT_RULE_ATTR_USERDATA support Pablo Neira Ayuso
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1393379519-16189-1-git-send-email-pablo@netfilter.org \
--to=pablo@netfilter.org \
--cc=kaber@trash.net \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).