From patchwork Wed Oct 16 23:03:19 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Phil Sutter X-Patchwork-Id: 1178223 X-Patchwork-Delegate: pablo@netfilter.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netfilter-devel-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=nwl.cc Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 46tnsd6gyhz9sNw for ; Thu, 17 Oct 2019 10:03:49 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2405683AbfJPXDt (ORCPT ); Wed, 16 Oct 2019 19:03:49 -0400 Received: from orbyte.nwl.cc ([151.80.46.58]:40208 "EHLO orbyte.nwl.cc" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1731616AbfJPXDt (ORCPT ); Wed, 16 Oct 2019 19:03:49 -0400 Received: from localhost ([::1]:53298 helo=tatos) by orbyte.nwl.cc with esmtp (Exim 4.91) (envelope-from ) id 1iKsKZ-0005fF-TQ; Thu, 17 Oct 2019 01:03:47 +0200 From: Phil Sutter To: Pablo Neira Ayuso Cc: netfilter-devel@vger.kernel.org Subject: [nft PATCH 1/4] monitor: Add missing newline to error message Date: Thu, 17 Oct 2019 01:03:19 +0200 Message-Id: <20191016230322.24432-2-phil@nwl.cc> X-Mailer: git-send-email 2.23.0 In-Reply-To: <20191016230322.24432-1-phil@nwl.cc> References: <20191016230322.24432-1-phil@nwl.cc> MIME-Version: 1.0 Sender: netfilter-devel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org These shouldn't happen in practice and printing to stderr is not the right thing either, but fix this anyway. Fixes: f9563c0feb24d ("src: add events reporting") Signed-off-by: Phil Sutter Acked-by: Florian Westphal Acked-by: Pablo Neira Ayuso --- src/monitor.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/monitor.c b/src/monitor.c index 40c381149cdaa..20810a5de0cfb 100644 --- a/src/monitor.c +++ b/src/monitor.c @@ -388,7 +388,7 @@ static int netlink_events_setelem_cb(const struct nlmsghdr *nlh, int type, set = set_lookup_global(family, table, setname, &monh->ctx->nft->cache); if (set == NULL) { - fprintf(stderr, "W: Received event for an unknown set."); + fprintf(stderr, "W: Received event for an unknown set.\n"); goto out; } From patchwork Wed Oct 16 23:03:20 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Phil Sutter X-Patchwork-Id: 1178221 X-Patchwork-Delegate: pablo@netfilter.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netfilter-devel-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=nwl.cc Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 46tnsR0cwZz9sNw for ; Thu, 17 Oct 2019 10:03:39 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2389129AbfJPXDi (ORCPT ); Wed, 16 Oct 2019 19:03:38 -0400 Received: from orbyte.nwl.cc ([151.80.46.58]:40196 "EHLO orbyte.nwl.cc" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1731616AbfJPXDi (ORCPT ); Wed, 16 Oct 2019 19:03:38 -0400 Received: from localhost ([::1]:53286 helo=tatos) by orbyte.nwl.cc with esmtp (Exim 4.91) (envelope-from ) id 1iKsKP-0005eV-0R; Thu, 17 Oct 2019 01:03:37 +0200 From: Phil Sutter To: Pablo Neira Ayuso Cc: netfilter-devel@vger.kernel.org Subject: [nft PATCH 2/4] Revert "monitor: fix double cache update with --echo" Date: Thu, 17 Oct 2019 01:03:20 +0200 Message-Id: <20191016230322.24432-3-phil@nwl.cc> X-Mailer: git-send-email 2.23.0 In-Reply-To: <20191016230322.24432-1-phil@nwl.cc> References: <20191016230322.24432-1-phil@nwl.cc> MIME-Version: 1.0 Sender: netfilter-devel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org This reverts commit 9b032cd6477b847f48dc8454f0e73935e9f48754. While it is true that a cache exists, we still need to capture new sets and their elements if they are anonymous. This is because the name changes and rules will refer to them by name. Given that there is no easy way to identify the anonymous set in cache (kernel doesn't (and shouldn't) dump SET_ID value) to update its name, just go with cache updates. Assuming that echo option is typically used for single commands, there is not much cache updating happening anyway. Signed-off-by: Phil Sutter Acked-by: Florian Westphal --- src/monitor.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/monitor.c b/src/monitor.c index 20810a5de0cfb..f353c5b09cf5d 100644 --- a/src/monitor.c +++ b/src/monitor.c @@ -900,6 +900,7 @@ int netlink_echo_callback(const struct nlmsghdr *nlh, void *data) .ctx = ctx, .loc = &netlink_location, .monitor_flags = 0xffffffff, + .cache_needed = true, }; if (!nft_output_echo(&echo_monh.ctx->nft->output)) From patchwork Wed Oct 16 23:03:21 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Phil Sutter X-Patchwork-Id: 1178220 X-Patchwork-Delegate: pablo@netfilter.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netfilter-devel-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=nwl.cc Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 46tnsL2Wskz9sNw for ; Thu, 17 Oct 2019 10:03:34 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2389825AbfJPXDd (ORCPT ); Wed, 16 Oct 2019 19:03:33 -0400 Received: from orbyte.nwl.cc ([151.80.46.58]:40190 "EHLO orbyte.nwl.cc" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1731616AbfJPXDd (ORCPT ); Wed, 16 Oct 2019 19:03:33 -0400 Received: from localhost ([::1]:53280 helo=tatos) by orbyte.nwl.cc with esmtp (Exim 4.91) (envelope-from ) id 1iKsKJ-0005e4-KM; Thu, 17 Oct 2019 01:03:31 +0200 From: Phil Sutter To: Pablo Neira Ayuso Cc: netfilter-devel@vger.kernel.org Subject: [nft PATCH 3/4] tests/monitor: Fix for changed ct timeout format Date: Thu, 17 Oct 2019 01:03:21 +0200 Message-Id: <20191016230322.24432-4-phil@nwl.cc> X-Mailer: git-send-email 2.23.0 In-Reply-To: <20191016230322.24432-1-phil@nwl.cc> References: <20191016230322.24432-1-phil@nwl.cc> MIME-Version: 1.0 Sender: netfilter-devel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org Commit a9b0c385a1d5e ("rule: print space between policy and timeout") changed spacing in ct timeout objects but missed to adjust related test case. Fixes: a9b0c385a1d5e ("rule: print space between policy and timeout") Signed-off-by: Phil Sutter Acked-by: Florian Westphal Acked-by: Pablo Neira Ayuso --- tests/monitor/testcases/object.t | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/monitor/testcases/object.t b/tests/monitor/testcases/object.t index dacfed29d639e..2afe33c812571 100644 --- a/tests/monitor/testcases/object.t +++ b/tests/monitor/testcases/object.t @@ -37,7 +37,7 @@ I delete ct helper ip t cth O - J {"delete": {"ct helper": {"family": "ip", "name": "cth", "table": "t", "handle": 0, "type": "sip", "protocol": "tcp", "l3proto": "ip"}}} -I add ct timeout ip t ctt { protocol udp; l3proto ip; policy = { unreplied: 15, replied: 12 }; } +I add ct timeout ip t ctt { protocol udp; l3proto ip; policy = { unreplied : 15, replied : 12 }; } O - J {"add": {"ct timeout": {"family": "ip", "name": "ctt", "table": "t", "handle": 0, "protocol": "udp", "l3proto": "ip", "policy": {"unreplied": 15, "replied": 12}}}} From patchwork Wed Oct 16 23:03:22 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Phil Sutter X-Patchwork-Id: 1178224 X-Patchwork-Delegate: pablo@netfilter.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netfilter-devel-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=nwl.cc Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 46tnsl2x42z9sNw for ; Thu, 17 Oct 2019 10:03:55 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2405695AbfJPXDz (ORCPT ); Wed, 16 Oct 2019 19:03:55 -0400 Received: from orbyte.nwl.cc ([151.80.46.58]:40214 "EHLO orbyte.nwl.cc" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1731616AbfJPXDy (ORCPT ); Wed, 16 Oct 2019 19:03:54 -0400 Received: from localhost ([::1]:53304 helo=tatos) by orbyte.nwl.cc with esmtp (Exim 4.91) (envelope-from ) id 1iKsKf-0005fb-AT; Thu, 17 Oct 2019 01:03:53 +0200 From: Phil Sutter To: Pablo Neira Ayuso Cc: netfilter-devel@vger.kernel.org Subject: [nft PATCH 4/4] rule: Fix for single line ct timeout printing Date: Thu, 17 Oct 2019 01:03:22 +0200 Message-Id: <20191016230322.24432-5-phil@nwl.cc> X-Mailer: git-send-email 2.23.0 In-Reply-To: <20191016230322.24432-1-phil@nwl.cc> References: <20191016230322.24432-1-phil@nwl.cc> MIME-Version: 1.0 Sender: netfilter-devel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org Commit 43ae7a48ae3de ("rule: do not print semicolon in ct timeout") removed an extra semicolon at end of line, but thereby broke single line output. The correct fix is to use opts->stmt_separator which holds either newline or semicolon chars depending on output mode. Fixes: 43ae7a48ae3de ("rule: do not print semicolon in ct timeout") Signed-off-by: Phil Sutter Acked-by: Florian Westphal Acked-by: Pablo Neira Ayuso --- src/rule.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/rule.c b/src/rule.c index 2d35bae44c9e5..3c7c8d63f8cdf 100644 --- a/src/rule.c +++ b/src/rule.c @@ -1869,7 +1869,7 @@ static void obj_print_data(const struct obj *obj, nft_print(octx, "%s", opts->nl); nft_print(octx, "%s%sprotocol ", opts->tab, opts->tab); print_proto_name_proto(obj->ct_timeout.l4proto, octx); - nft_print(octx, "%s", opts->nl); + nft_print(octx, "%s", opts->stmt_separator); nft_print(octx, "%s%sl3proto %s%s", opts->tab, opts->tab, family2str(obj->ct_timeout.l3proto),