| Message ID | 1452887264-26064-1-git-send-email-ast@fiberby.dk |
|---|---|
| State | Accepted |
| Delegated to: | Pablo Neira |
| Headers | show |
On Fri, Jan 15, 2016 at 07:47:43PM +0000, Asbjørn Sloth Tønnesen wrote: > {} is mask-src and mask-dst, [] is tuple-src and tuple-dst > mask-* should be stored in mask, tuple-* should be stored in exptuple. Applied, thanks for fixing up this. BTW, we have better tests under: conntrack-tools/tests/conntrack/testsuite I remember you also posted patches for: http://patchwork.ozlabs.org/patch/428341/ http://patchwork.ozlabs.org/patch/428343/ http://patchwork.ozlabs.org/patch/428342/ It would be great if you can follow up on this, IIRC the only changed I asked for is that it would be good to have test for this new feature. This has been in my TODO list for a while and I didn't find the time to make it myself. Thanks. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Hi Pablo, On Wed, 20 Jan 2016 15:09:55 +0100, Pablo Neira Ayuso <pablo@netfilter.org> wrote: > On Fri, Jan 15, 2016 at 07:47:43PM +0000, Asbjørn Sloth Tønnesen wrote: > > {} is mask-src and mask-dst, [] is tuple-src and tuple-dst > > mask-* should be stored in mask, tuple-* should be stored in exptuple. > > Applied, thanks for fixing up this. > > BTW, we have better tests under: > > conntrack-tools/tests/conntrack/testsuite I know they just don't have any expectation tests yet. They properly should be ported. How is the policy on adding module requirements to the tests? I.e. `test.sh create-expect` has a comment about requiring thr ip_conntrack_ftp module. > I remember you also posted patches for: > > http://patchwork.ozlabs.org/patch/428341/ > http://patchwork.ozlabs.org/patch/428343/ > http://patchwork.ozlabs.org/patch/428342/ > > It would be great if you can follow up on this, IIRC the only changed > I asked for is that it would be good to have test for this new > feature. I rebased it last summer, and then again last week, I just had to get these patches in first, since I re-use the mask arguments. I will post it in two patchsets, first cleanup and netmask support, and then CIDR support. > This has been in my TODO list for a while and I didn't find the time > to make it myself. Mine too.
diff --git a/src/conntrack.c b/src/conntrack.c index 3ae4527..324daf4 100644 --- a/src/conntrack.c +++ b/src/conntrack.c @@ -2074,8 +2074,6 @@ int main(int argc, char *argv[]) break; case '{': case '}': - nfct_set_addr_from_opt(c, tmpl.exptuple, &ad, &family); - break; case '[': case ']': nfct_set_addr_from_opt(c, tmpl.mask, &ad, &family);
{} is mask-src and mask-dst, [] is tuple-src and tuple-dst mask-* should be stored in mask, tuple-* should be stored in exptuple. This reverts commit 3309fdb4413cb32f9b95e05064dc9dbb56550939 since it mixed up {} and []. --- src/conntrack.c | 2 -- 1 file changed, 2 deletions(-)