Re: xt_owner-xt_socket plans

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

On h, jan 21, 2008 at 02:23:25 +0100, Jan Engelhardt wrote:
> On January 21 2008 10:11, Laszlo Attila Toth wrote:
> >Jan Engelhardt wrote:
> >> I just remembered that xt_socket (from tproxy) does an (explicit) socket
> >> lookup. xt_owner on the other hand, takes the socket pointer from the skb --
> >> which of course only works in the output path.
> >> 
> >> xt_owner is still in the 2.6.25 development queue, and because the two
> >> modules are similar, I thought that maybe xt_owner could be merged with
> >> xt_socket (doing a rename to xt_socket in the current net-2.6.25),
> >> because they are quite close in their task.
> >> 
> >> That would also allow xt_owner to be used in the input path.
> >> 
> >> Opinions?
> >
> > Hello,
> >
> > That sounds great.
> >
> > Note that the socket match depends on tproxy core, also the tproxy would be
> > partially merged into the net-2.25 tree. [...]
> 
> Here is what I had in mind, please have a look.
> http://dev.computergmbh.de/gitweb.cgi?p=linux;h=dev-xtsocket;a=shortlog

This won't work:

+       sk = nf_tproxy_get_v4(iph->protocol, iph->saddr, iph->daddr,
+                             hp->source, hp->dest, in, false);
+       if (sk != NULL)
+               nf_tproxy_put_sock(sk);
+       return sk;

socket_mt_get() returns a struct sock * without holding a reference for
that pointer.

-- 
KOVACS Krisztian
-
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux