| Message ID | 1449321576-20705-1-git-send-email-shivanib134@gmail.com |
|---|---|
| State | Changes Requested |
| Delegated to: | Pablo Neira |
| Headers | show |
Hi Shivani, On Sat, Dec 05, 2015 at 06:49:36PM +0530, Shivani Bhardwaj wrote: > Add translation of the metainformation mark to nft. > > Signed-off-by: Shivani Bhardwaj <shivanib134@gmail.com> > --- > extensions/libxt_mark.c | 60 +++++++++++++++++++++++++++++++++++++++++++++++++ > 1 file changed, 60 insertions(+) > > diff --git a/extensions/libxt_mark.c b/extensions/libxt_mark.c > index 7f8c995..5105bf9 100644 > --- a/extensions/libxt_mark.c > +++ b/extensions/libxt_mark.c > @@ -102,6 +102,64 @@ mark_save(const void *ip, const struct xt_entry_match *match) > print_mark(info->mark, info->mask); > } > > +static void > +print_mark_xlate(struct xt_buf *buf, > + unsigned int mark, unsigned int mask) > +{ > + if (mask != 0xffffffffU) > + xt_buf_add(buf, " 0x%x/0x%x", mark, mask); In nftables this should be translated to &. > + else > + xt_buf_add(buf, " 0x%x", mark); > +} > + > +static void > +mark_mt_xlate_print(const struct xt_entry_match *match, > + struct xt_buf *buf, int numeric) > +{ > + const struct xt_mark_mtinfo1 *info = (const void *)match->data; > + > + if (info->invert) ^^^^^^ There is a tab that is not needed there. Update your editor configuration to highlight unnecessary spaces before line break, > + xt_buf_add(buf, " !"); > + print_mark_xlate(buf, info->mark, info->mask); > +} > + > +static int > +mark_mt_xlate(const struct xt_entry_match *match, > + struct xt_buf *buf, int numeric) > +{ > + const struct xt_mark_mtinfo1 *info = (const void *)match->data; > + > + xt_buf_add(buf, "ct mark %s", info->invert ? " !" : ""); Invert in nft is '!='. Please, make sure that the suggested translation actually works in nft. But overall this looks good like a good start. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Sun, Dec 6, 2015 at 12:44 AM, Pablo Neira Ayuso <pablo@netfilter.org> wrote: > Hi Shivani, > > On Sat, Dec 05, 2015 at 06:49:36PM +0530, Shivani Bhardwaj wrote: >> Add translation of the metainformation mark to nft. >> >> Signed-off-by: Shivani Bhardwaj <shivanib134@gmail.com> >> --- >> extensions/libxt_mark.c | 60 +++++++++++++++++++++++++++++++++++++++++++++++++ >> 1 file changed, 60 insertions(+) >> >> diff --git a/extensions/libxt_mark.c b/extensions/libxt_mark.c >> index 7f8c995..5105bf9 100644 >> --- a/extensions/libxt_mark.c >> +++ b/extensions/libxt_mark.c >> @@ -102,6 +102,64 @@ mark_save(const void *ip, const struct xt_entry_match *match) >> print_mark(info->mark, info->mask); >> } >> >> +static void >> +print_mark_xlate(struct xt_buf *buf, >> + unsigned int mark, unsigned int mask) >> +{ >> + if (mask != 0xffffffffU) >> + xt_buf_add(buf, " 0x%x/0x%x", mark, mask); > > In nftables this should be translated to &. > Do you mean this? if (mask & 0xffffffffU) >> + else >> + xt_buf_add(buf, " 0x%x", mark); >> +} >> + >> +static void >> +mark_mt_xlate_print(const struct xt_entry_match *match, >> + struct xt_buf *buf, int numeric) >> +{ >> + const struct xt_mark_mtinfo1 *info = (const void *)match->data; >> + >> + if (info->invert) > ^^^^^^ > There is a tab that is not needed there. Update your editor > configuration to highlight unnecessary spaces before line break, > Done. >> + xt_buf_add(buf, " !"); >> + print_mark_xlate(buf, info->mark, info->mask); >> +} >> + >> +static int >> +mark_mt_xlate(const struct xt_entry_match *match, >> + struct xt_buf *buf, int numeric) >> +{ >> + const struct xt_mark_mtinfo1 *info = (const void *)match->data; >> + >> + xt_buf_add(buf, "ct mark %s", info->invert ? " !" : ""); > > Invert in nft is '!='. > > Please, make sure that the suggested translation actually works in > nft. > > But overall this looks good like a good start. Thank you. I'll be sending version 2. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Sat, Dec 05, 2015 at 08:14:09PM +0100, Pablo Neira Ayuso wrote: > Hi Shivani, > > On Sat, Dec 05, 2015 at 06:49:36PM +0530, Shivani Bhardwaj wrote: > > Add translation of the metainformation mark to nft. > > > > Signed-off-by: Shivani Bhardwaj <shivanib134@gmail.com> > > --- > > extensions/libxt_mark.c | 60 +++++++++++++++++++++++++++++++++++++++++++++++++ > > 1 file changed, 60 insertions(+) > > > > diff --git a/extensions/libxt_mark.c b/extensions/libxt_mark.c > > index 7f8c995..5105bf9 100644 > > --- a/extensions/libxt_mark.c > > +++ b/extensions/libxt_mark.c > > @@ -102,6 +102,64 @@ mark_save(const void *ip, const struct xt_entry_match *match) > > print_mark(info->mark, info->mask); > > } > > > > +static void > > +print_mark_xlate(struct xt_buf *buf, > > + unsigned int mark, unsigned int mask) > > +{ > > + if (mask != 0xffffffffU) > > + xt_buf_add(buf, " 0x%x/0x%x", mark, mask); > > In nftables this should be translated to &. I mean: xt_buf_add(buf, " & x%x == x%x", mask, mark); -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Sun, Dec 6, 2015 at 4:44 AM, Pablo Neira Ayuso <pablo@netfilter.org> wrote: > On Sat, Dec 05, 2015 at 08:14:09PM +0100, Pablo Neira Ayuso wrote: >> Hi Shivani, >> >> On Sat, Dec 05, 2015 at 06:49:36PM +0530, Shivani Bhardwaj wrote: >> > Add translation of the metainformation mark to nft. >> > >> > Signed-off-by: Shivani Bhardwaj <shivanib134@gmail.com> >> > --- >> > extensions/libxt_mark.c | 60 +++++++++++++++++++++++++++++++++++++++++++++++++ >> > 1 file changed, 60 insertions(+) >> > >> > diff --git a/extensions/libxt_mark.c b/extensions/libxt_mark.c >> > index 7f8c995..5105bf9 100644 >> > --- a/extensions/libxt_mark.c >> > +++ b/extensions/libxt_mark.c >> > @@ -102,6 +102,64 @@ mark_save(const void *ip, const struct xt_entry_match *match) >> > print_mark(info->mark, info->mask); >> > } >> > >> > +static void >> > +print_mark_xlate(struct xt_buf *buf, >> > + unsigned int mark, unsigned int mask) >> > +{ >> > + if (mask != 0xffffffffU) >> > + xt_buf_add(buf, " 0x%x/0x%x", mark, mask); >> >> In nftables this should be translated to &. > > I mean: > xt_buf_add(buf, " & x%x == x%x", mask, mark); OK. I'm sending version 2. Please check it. Thank you -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/extensions/libxt_mark.c b/extensions/libxt_mark.c index 7f8c995..5105bf9 100644 --- a/extensions/libxt_mark.c +++ b/extensions/libxt_mark.c @@ -102,6 +102,64 @@ mark_save(const void *ip, const struct xt_entry_match *match) print_mark(info->mark, info->mask); } +static void +print_mark_xlate(struct xt_buf *buf, + unsigned int mark, unsigned int mask) +{ + if (mask != 0xffffffffU) + xt_buf_add(buf, " 0x%x/0x%x", mark, mask); + else + xt_buf_add(buf, " 0x%x", mark); +} + +static void +mark_mt_xlate_print(const struct xt_entry_match *match, + struct xt_buf *buf, int numeric) +{ + const struct xt_mark_mtinfo1 *info = (const void *)match->data; + + if (info->invert) + xt_buf_add(buf, " !"); + print_mark_xlate(buf, info->mark, info->mask); +} + +static int +mark_mt_xlate(const struct xt_entry_match *match, + struct xt_buf *buf, int numeric) +{ + const struct xt_mark_mtinfo1 *info = (const void *)match->data; + + xt_buf_add(buf, "ct mark %s", info->invert ? " !" : ""); + print_mark_xlate(buf, info->mark, info->mask); + xt_buf_add(buf, " "); + + return 1; +} + +static void +mark_xlate_print(const struct xt_entry_match *match, + struct xt_buf *buf, int numeric) +{ + const struct xt_mark_info *info = (const void *)match->data; + + if (info->invert) + xt_buf_add(buf, " !"); + print_mark_xlate(buf, info->mark, info->mask); +} + +static int +mark_xlate(const struct xt_entry_match *match, + struct xt_buf *buf, int numeric) +{ + const struct xt_mark_info *info = (const void *)match->data; + + xt_buf_add(buf, "ct mark %s", info->invert ? " !" : ""); + print_mark_xlate(buf, info->mark, info->mask); + xt_buf_add(buf, " "); + + return 1; +} + static struct xtables_match mark_mt_reg[] = { { .family = NFPROTO_UNSPEC, @@ -115,6 +173,7 @@ static struct xtables_match mark_mt_reg[] = { .save = mark_save, .x6_parse = mark_parse, .x6_options = mark_mt_opts, + .xlate = mark_xlate, }, { .version = XTABLES_VERSION, @@ -128,6 +187,7 @@ static struct xtables_match mark_mt_reg[] = { .save = mark_mt_save, .x6_parse = mark_mt_parse, .x6_options = mark_mt_opts, + .xlate = mark_mt_xlate, }, };
Add translation of the metainformation mark to nft. Signed-off-by: Shivani Bhardwaj <shivanib134@gmail.com> --- extensions/libxt_mark.c | 60 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 60 insertions(+)