Re: [PATCH v2] Fix CONNMARK mask value demolition

Peter Warasin <peter@xxxxxxxxxx> · Tue, 15 Jan 2008 12:45:11 +0100

Hi Patrick

Patrick McHardy wrote:
> Good catch, but don't we also need set the mask for --save-mark
> and --restore-mark? I would suggest to move the initialzation
> to a ->init() function.

Oh, yes. That's necessary.
Here's the revised patch with the init() function.

peter

-- 
:: e n d i a n
:: open source - open minds

:: peter warasin
:: http://www.endian.com   :: peter@xxxxxxxxxx
Fix CONNMARK mask initialisation

This patch fixes the problem that the CONNMARK mask value
has been set to 0 whenever the CONNMARK target options were
not the last options to be processed.
It initalizes the mask value rather than setting it for
each parse.

Signed-off-by: Peter Warasin <peter@xxxxxxxxxx>

---
 extensions/libxt_CONNMARK.c |   12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

Index: iptables/extensions/libxt_CONNMARK.c
===================================================================

--- iptables.orig/extensions/libxt_CONNMARK.c	2008-01-06 03:08:18.000000000 +0100
+++ iptables/extensions/libxt_CONNMARK.c	2008-01-15 12:40:54.000000000 +0100
@@ -64,8 +64,6 @@
 	struct xt_connmark_target_info *markinfo
 		= (struct xt_connmark_target_info *)(*target)->data;
 
-	markinfo->mask = 0xffffffffUL;
-
 	switch (c) {
 		char *end;
 	case '1':
@@ -188,6 +186,14 @@
 	}
 }
 
+static void CONNMARK_init(struct xt_entry_target *t)
+{
+	struct xt_connmark_target_info *markinfo
+		= (struct xt_connmark_target_info *)t->data;
+
+	markinfo->mask = 0xffffffffUL;
+}
+
 static struct xtables_target connmark_target = {
 	.family		= AF_INET,
 	.name		= "CONNMARK",
@@ -195,6 +201,7 @@
 	.size		= XT_ALIGN(sizeof(struct xt_connmark_target_info)),
 	.userspacesize	= XT_ALIGN(sizeof(struct xt_connmark_target_info)),
 	.help		= CONNMARK_help,
+	.init           = CONNMARK_init,
 	.parse		= CONNMARK_parse,
 	.final_check	= CONNMARK_check,
 	.print		= CONNMARK_print,
@@ -209,6 +216,7 @@
 	.size		= XT_ALIGN(sizeof(struct xt_connmark_target_info)),
 	.userspacesize	= XT_ALIGN(sizeof(struct xt_connmark_target_info)),
 	.help		= CONNMARK_help,
+	.init           = CONNMARK_init,
 	.parse		= CONNMARK_parse,
 	.final_check	= CONNMARK_check,
 	.print		= CONNMARK_print,
begin:vcard
fn:Peter Warasin
n:;Peter Warasin
org:Endian GmbH/Srl
adr:;;Pillhof 47;Frangart/Frangarto;BZ;I-39010;Italien/Italia
email;internet:peter@xxxxxxxxxx
tel;work:+39 0471 631763
tel;fax:+39 0471 631764
x-mozilla-html:FALSE
url:http://www.endian.com
version:2.1
end:vcard





