On Monday 2010-07-19 16:15, Luciano Coelho wrote:
>From: Luciano Coelho <coelho@testbed>
>
>This patch isolates and exports the condition list management code, in
>preparation for the CONDITION target to use it. No functional change,
>just reorganization of the code.
Well, I guess it would make more sense if the two extensions be in a
single file. That would alleviate the need for export reorganizations,
and also works because the module metadata overhead is large already.
>@@ -3,12 +3,27 @@
>
> #include <linux/types.h>
>
>+#define XT_CONDITION_MAX_NAME_SIZE 30
>+
> struct xt_condition_mtinfo {
>- char name[31];
>+ char name[XT_CONDITION_MAX_NAME_SIZE + 1];
> __u8 invert;
Oh noes. Please please avoid any math operations inside []. It has
already driven XT_FUNCTION_MAXNAMELEN into nuts ("was it now +1 or -1,
or even -2 that we needed to pass for various functions?"). Just let MAX
be 31 and have name[MAX].
> MODULE_ALIAS("ip6t_condition");
>
>-struct condition_variable {
>- struct list_head list;
>- struct proc_dir_entry *status_proc;
>- unsigned int refcount;
>- bool enabled;
>-};
Given your excellent usage example of a CONDITION target, I think it
even makes sense to enlarge the "enabled" variable to a full-fledged
32-bit value that can be &, | and ^'d, similar to nfmark.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
