Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/1.2/patches/805164/?format=api
{ "id": 805164, "url": "http://patchwork.ozlabs.org/api/1.2/patches/805164/?format=api", "web_url": "http://patchwork.ozlabs.org/project/netfilter-devel/patch/20170823204125.31427-3-pablombg@gmail.com/", "project": { "id": 26, "url": "http://patchwork.ozlabs.org/api/1.2/projects/26/?format=api", "name": "Netfilter Development", "link_name": "netfilter-devel", "list_id": "netfilter-devel.vger.kernel.org", "list_email": "netfilter-devel@vger.kernel.org", "web_url": null, "scm_url": null, "webscm_url": null, "list_archive_url": "", "list_archive_url_format": "", "commit_url_format": "" }, "msgid": "<20170823204125.31427-3-pablombg@gmail.com>", "list_archive_url": null, "date": "2017-08-23T20:41:25", "name": "[nf-next,3/3] netfilter: nft_limit: add stateful object type", "commit_ref": null, "pull_url": null, "state": "accepted", "archived": false, "hash": "ca92c02965c28c3780601bfe723a6406c4e69977", "submitter": { "id": 67698, "url": "http://patchwork.ozlabs.org/api/1.2/people/67698/?format=api", "name": "Pablo M. Bermudo Garay", "email": "pablombg@gmail.com" }, "delegate": { "id": 6139, "url": "http://patchwork.ozlabs.org/api/1.2/users/6139/?format=api", "username": "pablo", "first_name": "Pablo", "last_name": "Neira", "email": "pablo@netfilter.org" }, "mbox": "http://patchwork.ozlabs.org/project/netfilter-devel/patch/20170823204125.31427-3-pablombg@gmail.com/mbox/", "series": [], "comments": "http://patchwork.ozlabs.org/api/patches/805164/comments/", "check": "pending", "checks": "http://patchwork.ozlabs.org/api/patches/805164/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<netfilter-devel-owner@vger.kernel.org>", "X-Original-To": "incoming@patchwork.ozlabs.org", "Delivered-To": "patchwork-incoming@bilbo.ozlabs.org", "Authentication-Results": [ "ozlabs.org;\n\tspf=none (mailfrom) smtp.mailfrom=vger.kernel.org\n\t(client-ip=209.132.180.67; helo=vger.kernel.org;\n\tenvelope-from=netfilter-devel-owner@vger.kernel.org;\n\treceiver=<UNKNOWN>)", "ozlabs.org;\n\tdkim=fail reason=\"signature verification failed\" (2048-bit key;\n\tunprotected) header.d=gmail.com header.i=@gmail.com\n\theader.b=\"IbEdyqfP\"; dkim-atps=neutral" ], "Received": [ "from vger.kernel.org (vger.kernel.org [209.132.180.67])\n\tby ozlabs.org (Postfix) with ESMTP id 3xczrL4mlJz9s65\n\tfor <incoming@patchwork.ozlabs.org>;\n\tThu, 24 Aug 2017 06:42:26 +1000 (AEST)", "(majordomo@vger.kernel.org) by vger.kernel.org via listexpand\n\tid S1754191AbdHWUmV (ORCPT <rfc822;incoming@patchwork.ozlabs.org>);\n\tWed, 23 Aug 2017 16:42:21 -0400", "from mail-wm0-f67.google.com ([74.125.82.67]:35717 \"EHLO\n\tmail-wm0-f67.google.com\" rhost-flags-OK-OK-OK-OK) by vger.kernel.org\n\twith ESMTP id S1754173AbdHWUmS (ORCPT\n\t<rfc822;netfilter-devel@vger.kernel.org>);\n\tWed, 23 Aug 2017 16:42:18 -0400", "by mail-wm0-f67.google.com with SMTP id x79so709117wma.2\n\tfor <netfilter-devel@vger.kernel.org>;\n\tWed, 23 Aug 2017 13:42:17 -0700 (PDT)", "from localhost.localdomain (75.red-88-9-82.dynamicip.rima-tde.net.\n\t[88.9.82.75]) by smtp.gmail.com with ESMTPSA id\n\t65sm2035727wmf.0.2017.08.23.13.42.15\n\t(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);\n\tWed, 23 Aug 2017 13:42:15 -0700 (PDT)" ], "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed;\n\td=gmail.com; s=20161025;\n\th=from:to:cc:subject:date:message-id:in-reply-to:references;\n\tbh=AEQkQg0DNJVsJzX70syQ7OjOQR0dfs8FhXKUEY2CzFs=;\n\tb=IbEdyqfPOjZWXBvWis6SmiyT4m22QtTDTv/Zodn0ZM2evXKtiecZWn7fRuJmLJ1B+p\n\twRh3Cua2+B2r4ur2hkaBwypwhW3tBFkpwDwBYC5oJL6pQXw8V7Z5Tq8XXUUE1FZ5zpRz\n\ta6D60fLXYiipxaISlXt7koYHd7L9USTN2nmss0vNcBNzQFqOzJTaF0KLS6Xbr5srOqVR\n\tL9/RzncncD8LwMVop8QIOwDXfCF2Gpe91O52shQ00tfSp/HGCsY6pP1+XAl38prdhhgE\n\tZsOAfejh4UVskrS16opXX5FsDHHCiP1Z01QRLghztFdGyFgXTz1eRy0L21dtUVxhRoUR\n\trSDg==", "X-Google-DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed;\n\td=1e100.net; s=20161025;\n\th=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to\n\t:references;\n\tbh=AEQkQg0DNJVsJzX70syQ7OjOQR0dfs8FhXKUEY2CzFs=;\n\tb=h9B/jMaYIdXYssP6qQcV4ymokHE2tzAeb1j8Conly7ghSyqaXYeHhAJyVjWnWwmWU4\n\t+0xlZi6LuLMoOymg9jA2LZquet2hndwKdtfqyp4CNa3p/IhMVwSHHKvyItxjIgqeeG08\n\tDT+KFqid9mSE8xMX/Z2dTdtjPoC6qZ/vLyv5CCnnVtHH+PEggBBgvNSAM8Mlp9L7uMEW\n\tirCpKj5aIdn81f+Mj8OKUjNyrGYh0AGXnLDRCg4N2uvrlN92AOaH4cDdHM2oltHrBDKq\n\tVmOTCU+y4eg5FPsDNxYIJJcBZzKRYUXqO3H7CK1/fGZmo5mpXcNMY4CuafLwz6u0UeE9\n\tAPCQ==", "X-Gm-Message-State": "AHYfb5ixkUHuNo2yXn6r5ycBgaom/1MOgQQ1gUAZvVbcr5Nx7DNZqmeu\n\to+yxUjOfRJX96s6e0W4=", "X-Received": "by 10.28.62.200 with SMTP id l191mr2896713wma.57.1503520936575; \n\tWed, 23 Aug 2017 13:42:16 -0700 (PDT)", "From": "\"Pablo M. Bermudo Garay\" <pablombg@gmail.com>", "To": "netfilter-devel@vger.kernel.org", "Cc": "pablo@netfilter.org, \"Pablo M. Bermudo Garay\" <pablombg@gmail.com>", "Subject": "[PATCH nf-next 3/3] netfilter: nft_limit: add stateful object type", "Date": "Wed, 23 Aug 2017 22:41:25 +0200", "Message-Id": "<20170823204125.31427-3-pablombg@gmail.com>", "X-Mailer": "git-send-email 2.14.1", "In-Reply-To": "<20170823204125.31427-1-pablombg@gmail.com>", "References": "<20170823204125.31427-1-pablombg@gmail.com>", "Sender": "netfilter-devel-owner@vger.kernel.org", "Precedence": "bulk", "List-ID": "<netfilter-devel.vger.kernel.org>", "X-Mailing-List": "netfilter-devel@vger.kernel.org" }, "content": "Register a new limit stateful object type into the stateful object\ninfrastructure.\n\nSigned-off-by: Pablo M. Bermudo Garay <pablombg@gmail.com>\n---\n include/uapi/linux/netfilter/nf_tables.h | 3 +-\n net/netfilter/nft_limit.c | 118 ++++++++++++++++++++++++++++++-\n 2 files changed, 119 insertions(+), 2 deletions(-)", "diff": "diff --git a/include/uapi/linux/netfilter/nf_tables.h b/include/uapi/linux/netfilter/nf_tables.h\nindex dc7661c293b8..ca5c36876bac 100644\n--- a/include/uapi/linux/netfilter/nf_tables.h\n+++ b/include/uapi/linux/netfilter/nf_tables.h\n@@ -1278,7 +1278,8 @@ enum nft_ct_helper_attributes {\n #define NFT_OBJECT_COUNTER\t1\n #define NFT_OBJECT_QUOTA\t2\n #define NFT_OBJECT_CT_HELPER\t3\n-#define __NFT_OBJECT_MAX\t4\n+#define NFT_OBJECT_LIMIT\t4\n+#define __NFT_OBJECT_MAX\t5\n #define NFT_OBJECT_MAX\t\t(__NFT_OBJECT_MAX - 1)\n \n /**\ndiff --git a/net/netfilter/nft_limit.c b/net/netfilter/nft_limit.c\nindex d66b4de5b07c..b6903df21fc4 100644\n--- a/net/netfilter/nft_limit.c\n+++ b/net/netfilter/nft_limit.c\n@@ -226,14 +226,129 @@ static struct nft_expr_type nft_limit_type __read_mostly = {\n \t.owner\t\t= THIS_MODULE,\n };\n \n+static void nft_limit_obj_pkts_eval(struct nft_object *obj,\n+\t\t\t\t struct nft_regs *regs,\n+\t\t\t\t const struct nft_pktinfo *pkt)\n+{\n+\tstruct nft_limit_pkts *priv = nft_obj_data(obj);\n+\n+\tif (nft_limit_eval(&priv->limit, priv->cost))\n+\t\tregs->verdict.code = NFT_BREAK;\n+}\n+\n+static int nft_limit_obj_pkts_init(const struct nft_ctx *ctx,\n+\t\t\t\t const struct nlattr * const tb[],\n+\t\t\t\t struct nft_object *obj)\n+{\n+\tstruct nft_limit_pkts *priv = nft_obj_data(obj);\n+\tint err;\n+\n+\terr = nft_limit_init(&priv->limit, tb);\n+\tif (err < 0)\n+\t\treturn err;\n+\n+\tpriv->cost = div64_u64(priv->limit.nsecs, priv->limit.rate);\n+\treturn 0;\n+}\n+\n+static int nft_limit_obj_pkts_dump(struct sk_buff *skb,\n+\t\t\t\t struct nft_object *obj,\n+\t\t\t\t bool reset)\n+{\n+\tconst struct nft_limit_pkts *priv = nft_obj_data(obj);\n+\n+\treturn nft_limit_dump(skb, &priv->limit, NFT_LIMIT_PKTS);\n+}\n+\n+static const struct nft_object_ops nft_limit_obj_pkts_ops = {\n+\t.size\t\t= NFT_EXPR_SIZE(sizeof(struct nft_limit_pkts)),\n+\t.init\t\t= nft_limit_obj_pkts_init,\n+\t.eval\t\t= nft_limit_obj_pkts_eval,\n+\t.dump\t\t= nft_limit_obj_pkts_dump,\n+};\n+\n+static void nft_limit_obj_bytes_eval(struct nft_object *obj,\n+\t\t\t\t struct nft_regs *regs,\n+\t\t\t\t const struct nft_pktinfo *pkt)\n+{\n+\tstruct nft_limit *priv = nft_obj_data(obj);\n+\tu64 cost = div64_u64(priv->nsecs * pkt->skb->len, priv->rate);\n+\n+\tif (nft_limit_eval(priv, cost))\n+\t\tregs->verdict.code = NFT_BREAK;\n+}\n+\n+static int nft_limit_obj_bytes_init(const struct nft_ctx *ctx,\n+\t\t\t\t const struct nlattr * const tb[],\n+\t\t\t\t struct nft_object *obj)\n+{\n+\tstruct nft_limit *priv = nft_obj_data(obj);\n+\n+\treturn nft_limit_init(priv, tb);\n+}\n+\n+static int nft_limit_obj_bytes_dump(struct sk_buff *skb,\n+\t\t\t\t struct nft_object *obj,\n+\t\t\t\t bool reset)\n+{\n+\tconst struct nft_limit *priv = nft_obj_data(obj);\n+\n+\treturn nft_limit_dump(skb, priv, NFT_LIMIT_BYTES);\n+}\n+\n+static const struct nft_object_ops nft_limit_obj_bytes_ops = {\n+\t.size\t\t= sizeof(struct nft_limit),\n+\t.init\t\t= nft_limit_obj_bytes_init,\n+\t.eval\t\t= nft_limit_obj_bytes_eval,\n+\t.dump\t\t= nft_limit_obj_bytes_dump,\n+};\n+\n+static const struct nft_object_ops *\n+nft_limit_obj_select_ops(const struct nft_ctx *ctx,\n+\t\t\t const struct nlattr * const tb[])\n+{\n+\tif (!tb[NFTA_LIMIT_TYPE])\n+\t\treturn &nft_limit_obj_pkts_ops;\n+\n+\tswitch (ntohl(nla_get_be32(tb[NFTA_LIMIT_TYPE]))) {\n+\tcase NFT_LIMIT_PKTS:\n+\t\treturn &nft_limit_obj_pkts_ops;\n+\tcase NFT_LIMIT_BYTES:\n+\t\treturn &nft_limit_obj_bytes_ops;\n+\t}\n+\treturn ERR_PTR(-EOPNOTSUPP);\n+}\n+\n+static struct nft_object_type nft_limit_obj __read_mostly = {\n+\t.select_ops\t= nft_limit_obj_select_ops,\n+\t.type\t\t= NFT_OBJECT_LIMIT,\n+\t.maxattr\t= NFTA_LIMIT_MAX,\n+\t.policy\t\t= nft_limit_policy,\n+\t.owner\t\t= THIS_MODULE,\n+};\n+\n static int __init nft_limit_module_init(void)\n {\n-\treturn nft_register_expr(&nft_limit_type);\n+\tint err;\n+\n+\terr = nft_register_obj(&nft_limit_obj);\n+\tif (err < 0)\n+\t\treturn err;\n+\n+\terr = nft_register_expr(&nft_limit_type);\n+\tif (err < 0)\n+\t\tgoto err1;\n+\n+\treturn 0;\n+err1:\n+\tnft_unregister_obj(&nft_limit_obj);\n+\treturn err;\n }\n \n static void __exit nft_limit_module_exit(void)\n {\n \tnft_unregister_expr(&nft_limit_type);\n+\tnft_unregister_obj(&nft_limit_obj);\n }\n \n module_init(nft_limit_module_init);\n@@ -242,3 +357,4 @@ module_exit(nft_limit_module_exit);\n MODULE_LICENSE(\"GPL\");\n MODULE_AUTHOR(\"Patrick McHardy <kaber@trash.net>\");\n MODULE_ALIAS_NFT_EXPR(\"limit\");\n+MODULE_ALIAS_NFT_OBJ(NFT_OBJECT_LIMIT);\n", "prefixes": [ "nf-next", "3/3" ] }