[PATCH v3 nft 1/4] src: make hash seed attribute optional

netfilter-devel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [PATCH v3 nft 1/4] src: make hash seed attribute optional
@ 2016-11-04 12:59 Laura Garcia Liebana
  2016-11-08 23:22 ` Pablo Neira Ayuso
  0 siblings, 1 reply; 2+ messages in thread
From: Laura Garcia Liebana @ 2016-11-04 12:59 UTC (permalink / raw)
  To: netfilter-devel

The hash expression requires a seed attribute to call the jhash
operation, eg.

 # nft add rule x y meta mark set jhash ip saddr . ip daddr mod 2 \
	seed 0xdeadbeef

With this patch the seed attribute is optional and it's generated by a
random function from userspace, eg.

 # nft add rule x y meta mark set jhash ip saddr . ip daddr mod 2

The kernel will take care of generate a random seed.

Signed-off-by: Laura Garcia Liebana <nevola@gmail.com>
---
Changes in v3:
	- The random generation is done in kernel side.
	- Tests included.

 src/parser_bison.y         | 5 +++++
 tests/py/ip/hash.t         | 1 +
 tests/py/ip/hash.t.payload | 7 +++++++
 3 files changed, 13 insertions(+)

diff --git a/src/parser_bison.y b/src/parser_bison.y
index 17f23c5..82fec99 100644
--- a/src/parser_bison.y
+++ b/src/parser_bison.y
@@ -2585,6 +2585,11 @@ hash_expr		:	JHASH	expr	MOD	NUM	SEED	NUM
 				$$ = hash_expr_alloc(&@$, $4, $6);
 				$$->hash.expr = $2;
 			}
+			|	JHASH	expr	MOD	NUM
+			{
+				$$ = hash_expr_alloc(&@$, $4, 0);
+				$$->hash.expr = $2;
+			}
 			;
 
 rt_expr			:	RT	rt_key
diff --git a/tests/py/ip/hash.t b/tests/py/ip/hash.t
index 6dfa965..306ebfd 100644
--- a/tests/py/ip/hash.t
+++ b/tests/py/ip/hash.t
@@ -2,4 +2,5 @@
 *ip;test-ip4;pre
 
 ct mark set jhash ip saddr . ip daddr mod 2 seed 0xdeadbeef;ok
+ct mark set jhash ip saddr . ip daddr mod 2;ok
 dnat to jhash ip saddr mod 2 seed 0xdeadbeef map { 0 : 192.168.20.100, 1 : 192.168.30.100 };ok
diff --git a/tests/py/ip/hash.t.payload b/tests/py/ip/hash.t.payload
index d9a22eb..1188a1b 100644
--- a/tests/py/ip/hash.t.payload
+++ b/tests/py/ip/hash.t.payload
@@ -5,6 +5,13 @@ ip test-ip4 pre
   [ hash reg 1 = jhash(reg 2, 8, 0xdeadbeef) % mod 2 ]
   [ ct set mark with reg 1 ]
 
+# ct mark set jhash ip saddr . ip daddr mod 2
+ip test-ip4 pre
+  [ payload load 4b @ network header + 12 => reg 2 ]
+  [ payload load 4b @ network header + 16 => reg 13 ]
+  [ hash reg 1 = jhash(reg 2, 8, 0x0) % mod 2 ]
+  [ ct set mark with reg 1 ]
+
 # dnat to jhash ip saddr mod 2 seed 0xdeadbeef map { 0 : 192.168.20.100, 1 : 192.168.30.100 }
 __map%d test-ip4 b
 __map%d test-ip4 0
-- 
2.9.3


^ permalink raw reply related	[flat|nested] 2+ messages in thread

* Re: [PATCH v3 nft 1/4] src: make hash seed attribute optional
  2016-11-04 12:59 [PATCH v3 nft 1/4] src: make hash seed attribute optional Laura Garcia Liebana
@ 2016-11-08 23:22 ` Pablo Neira Ayuso
  0 siblings, 0 replies; 2+ messages in thread
From: Pablo Neira Ayuso @ 2016-11-08 23:22 UTC (permalink / raw)
  To: Laura Garcia Liebana; +Cc: netfilter-devel

On Fri, Nov 04, 2016 at 01:59:31PM +0100, Laura Garcia Liebana wrote:
> The hash expression requires a seed attribute to call the jhash
> operation, eg.
> 
>  # nft add rule x y meta mark set jhash ip saddr . ip daddr mod 2 \
> 	seed 0xdeadbeef
> 
> With this patch the seed attribute is optional and it's generated by a
> random function from userspace, eg.
> 
>  # nft add rule x y meta mark set jhash ip saddr . ip daddr mod 2
> 
> The kernel will take care of generate a random seed.

Applied, thanks Laura.

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2016-11-08 23:22 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-11-04 12:59 [PATCH v3 nft 1/4] src: make hash seed attribute optional Laura Garcia Liebana
2016-11-08 23:22 ` Pablo Neira Ayuso

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).