On Friday 2009-01-16 08:33, Patrick McHardy wrote: >>>> As a developer of Xtables modules I have a need ;-) >>> That was one of my first thoughts, it looks mainly useful for >>> developers. And I'm not very fond of the idea of adding almost >>> 300 lines of segfile beauty for that. >>> >> Then you probably won't like it if I say that the same logic is >> needed if I shall make the existing proc-files multi-nfproto aware. > > What does "multi-nfproto aware" mean exactly? The thing is, /proc/net/ip_tables_matches's seq_start function takes the lock, lets it iterate, and drops the lock on seq_stop. That is easy for a single list (xt[af].match), but when you want to make matches from more than just one nfproto visible in that file, you need to drop the lock during seq_next, and acquire the next one too. Not only that, but you also have to switch the list you are traversing, which is currently conveniently passed through the "v" variable. And you need to keep track of the nfproto whose list you are iterating through, because seq_stop can be called with either one currently being traversed. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
