From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> Date: Mon, 17 Nov 2008 09:31:37 +0100 > SKF_AD_NLATTR allows us to find the first matching attribute in a > stream of netlink attributes from one offset to the end of the > netlink message. This is not suitable to look for a specific > matching inside a set of nested attributes. > > For example, in ctnetlink messages, if we look for the CTA_V6_SRC > attribute in a message that talks about an IPv4 connection, > SKF_AD_NLATTR returns the offset of CTA_STATUS which has the same > value of CTA_V6_SRC but outside the nest. To differenciate > CTA_STATUS and CTA_V6_SRC, we would have to make assumptions on the > size of the attribute and the usual offset, resulting in horrible > BSF code. > > This patch adds SKF_AD_NLATTR_NEST, which is a variant of > SKF_AD_NLATTR, that looks for an attribute inside the limits of > a nested attributes, but not further. > > Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> This looks fine to me, Patrick is it ok with you too? If Patrick has no objections I'll apply it to net-next-2.6 -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
