On Oct 1 2007 00:51, KOVACS Krisztian wrote:
>> > +/* TPROXY target is capable of marking the packet to perform
>> > + * redirection. We can get rid of that whenever we get support for
>> > + * mutliple targets in the same rule. */
>> > +struct ipt_tproxy_target_info {
>> > + __be32 laddr;
>> > + __be16 lport;
>> > + unsigned long mark_mask;
>> > + unsigned long mark_value;
>>
>> This should use fixed size types.
>
>Yes, but marks are unsigned longs, aren't they? So if we restrict this to say
>32bit then we lose the ability to use the upper half of the mark...
longs are 32 and 64 bits, resp. A 64-bit kernel with a 32-bit userland,
well it speaks for itself.
The more I am puzzled as to why xt_MARK.h, xt_mark.h, xt_CONNMARK.h,
xt_connmark.h use longs, and not uint32_t! Only xt_SECMARK.h does it right...
Patrick, is this a longstanding 'bug'?
-
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
