From: Hans Schillstrom <hans.schillstrom@ericsson.com>
To: Pablo Neira Ayuso <pablo@netfilter.org>
Cc: "kaber@trash.net" <kaber@trash.net>,
"jengelh@medozas.de" <jengelh@medozas.de>,
"netfilter-devel@vger.kernel.org"
<netfilter-devel@vger.kernel.org>,
"netdev@vger.kernel.org" <netdev@vger.kernel.org>,
"hans@schillstrom.com" <hans@schillstrom.com>
Subject: Re: [v11 PATCH 2/3] NETFILTER module xt_hmark, new target for HASH based fwmark
Date: Mon, 23 Apr 2012 14:33:16 +0200 [thread overview]
Message-ID: <201204231433.17751.hans.schillstrom@ericsson.com> (raw)
In-Reply-To: <20120412155442.GA10767@1984>
On Thursday 12 April 2012 17:54:42 Pablo Neira Ayuso wrote:
> Hi Hans,
>
> On Thu, Mar 22, 2012 at 12:59:52PM +0100, Hans Schillstrom wrote:
[snip]
> >
> > +config NETFILTER_XT_TARGET_HMARK
> > + tristate '"HMARK" target support'
> > + depends on (IP6_NF_IPTABLES || IP6_NF_IPTABLES=n)
>
> do we really need this dependency above?
Nope, I'll removed it.
[snip]
>
> There's an inconsistency here. No conntrack support for IPv6.
That's true, since it was intended for nat from the very begining..
I'll added.
>
> I'd suggest to split hmark_v4 into two functions by checking:
>
or make a common hmark_ct for ipv6 and ipv4
> ... hmark_v4(...)
> {
> if (info->flags & XT_F_HMARK_CT)
> ret = hmark_tg_ct_v4(...)
> else
> ret = hmark_tg_v4(...)
>
> return ret;
> }
>
> Same thing for IPv6. Those function will look smaller, and that's good
> to make the code more maintainable.
>
> You can define some hmark_hash_v4 and hmark_hash_v6 function that you
> may want to inline.
>
> Another suggestion in case you may need to extend HMARK in
> the future. I think some info->type field to specify the
>
> info->type can be HMARK_T_PKT or HMARK_T_CT.
>
> Thus, the code above would look like:
>
> ... hmark_v4(...)
> {
> switch(info->type) {
> case HMARK_T_PKT:
> ret = hmark_tg_ct_v4(...)
> break;
> case HMARK_T_CT:
> ret = hmark_tg_v4(...)
> break;
> }
> }
>
> But *this is only a suggestion*, of course.
>
Thanks Pablo for your review , I will send a new patch today
Regards
Hans Schillstrom <hans.schillstrom@ericsson.com>
next prev parent reply other threads:[~2012-04-23 12:33 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-03-22 11:59 [v11 PATCH 0/3] NETFILTER new target module, HMARK Hans Schillstrom
2012-03-22 11:59 ` [v11 PATCH 1/3] NETFILTER added flags to ipv6_find_hdr() Hans Schillstrom
2012-03-22 11:59 ` [v11 PATCH 2/3] NETFILTER module xt_hmark, new target for HASH based fwmark Hans Schillstrom
2012-04-12 15:54 ` Pablo Neira Ayuso
2012-04-23 12:33 ` Hans Schillstrom [this message]
2012-03-22 11:59 ` [v11 PATCH 3/3] NETFILTER userspace part for target HMARK Hans Schillstrom
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=201204231433.17751.hans.schillstrom@ericsson.com \
--to=hans.schillstrom@ericsson.com \
--cc=hans@schillstrom.com \
--cc=jengelh@medozas.de \
--cc=kaber@trash.net \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
--cc=pablo@netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).