On Sun, 21 Jun 2009, Jan Engelhardt wrote:
> On Saturday 2009-06-20 23:56, Jozsef Kadlecsik wrote:
> >
> >+struct xt_error_entry {
> >+ __u8 errcode;
> >+ __u8 match;
> >+ unsigned char data[0];
> >+};
> >+
> >+#define XT_PTR_ERR (MAX_ERRNO+1)
> >+
>
> Also, the extensions return a positive non-zero value which is, if I
> paid attention correctly, passed back up to userspace unmodified. Old
> iptables may not expect that anything besides {-Inf..0} at all.
Old iptables won't issue *SO_GET_REPLACE but uses the "old"
*SO_PUT_REPLACE operation. Also, the positive error-codes are not
passed back as error codes but carried in the 'struct xt_error_entry'
structures.
Best regards,
Jozsef
-
E-mail : kadlec@xxxxxxxxxxxxxxxxx, kadlec@xxxxxxxxxxxx
PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt
Address : KFKI Research Institute for Particle and Nuclear Physics
H-1525 Budapest 114, POB. 49, Hungary
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
