>From: netfilter-devel-owner
>Date: 2015-04-16
>To: pablo@xxxxxxxxxxxxx
>Subject: Re: Re: [PATCH] Add NFPROTO_ARP for mark
>
>
>hi pablo
>
>>From: Pablo Neira Ayuso
>>Date: 2015-04-09
>>To: Zhang, Chunyu/章 春宇
>>Subject: Re: Re: [PATCH] Add NFPROTO_ARP for mark
>>
>>On Thu, Apr 09, 2015 at 03:54:33AM +0000, Zhang, Chunyu wrote:
>>> >From: Pablo Neira Ayuso
>>> >Date: 2015-04-09
>>> >To: Zhang, Chunyu/章 春宇
>>> >Subject: Re: [PATCH] Add NFPROTO_ARP for mark
>>[...]
>>> >> @@ -41,13 +42,23 @@ mark_mt(const struct sk_buff *skb, struct xt_action_param *par)
>>> >> return ((skb->mark & info->mask) == info->mark) ^ info->invert;
>>> >> }
>>> >>
>>> >> -static struct xt_target mark_tg_reg __read_mostly = {
>>> >> - .name = "MARK",
>>> >> - .revision = 2,
>>> >> - .family = NFPROTO_UNSPEC,
>>> >> - .target = mark_tg,
>>> >> - .targetsize = sizeof(struct xt_mark_tginfo2),
>>> >> - .me = THIS_MODULE,
>>> >> +static struct xt_target mark_tg_reg[] __read_mostly = {
>>> >> + {
>>> >> + .name = "MARK",
>>> >> + .revision = 2,
>>> >> + .family = NFPROTO_UNSPEC,
>>> >> + .target = mark_tg,
>>> >> + .targetsize = sizeof(struct xt_mark_tginfo2),
>>> >> + .me = THIS_MODULE,
>>> >> + },
>>> >> + {
>>> >> + .name = "MARK",
>>> >> + .revision = 2,
>>> >> + .family = NFPROTO_ARP,
>>> >> + .target = mark_tg,
>>> >> + .targetsize = sizeof(struct xt_mark_tginfo2),
>>> >> + .me = THIS_MODULE,
>>> >> + }
>>> >> };
>>> >
>>> >You don't need this.
>>> >
>>> >The problem is here that your patch:
>>> >
>>> >http://patchwork.ozlabs.org/patch/455966/
>>> >
>>> >is missing this chunk:
>>> >
>>> >diff --git a/libarptc/libarptc_incl.c b/libarptc/libarptc_incl.c
>>> >index a034930..87404ce 100644
>>> >--- a/libarptc/libarptc_incl.c
>>> >+++ b/libarptc/libarptc_incl.c
>>> >@@ -872,7 +872,7 @@ map_target(const TC_HANDLE_T handle,
>>> > /* memset to all 0 for your memcmp convenience. */
>>> > memset(t->u.user.name + strlen(t->u.user.name),
>>> > 0,
>>> >- FUNCTION_MAXNAMELEN - strlen(t->u.user.name));
>>> >+ FUNCTION_MAXNAMELEN - 1 - strlen(t->u.user.name));
>>> > return 1;
>>> > }
>
>1.
>maybe should change like this?
>
>diff --git a/libarptc/libarptc_incl.c b/libarptc/libarptc_incl.c
>index a034930..4049cbd 100644
>--- a/libarptc/libarptc_incl.c
>+++ b/libarptc/libarptc_incl.c
>@@ -872,7 +872,7 @@ map_target(const TC_HANDLE_T handle,
> /* memset to all 0 for your memcmp convenience. */
> memset(t->u.user.name + strlen(t->u.user.name),
> 0,
>- FUNCTION_MAXNAMELEN - strlen(t->u.user.name));
>+ XT_EXTENSION_MAXNAMELEN - strlen(t->u.user.name));
> return 1;
> }
>
>2. mabye have other 4 places should change ?
>arptables.c:2330: if (chain && strlen(chain) > ARPT_FUNCTION_MAXNAMELEN)
>arptables.c:2333: chain, ARPT_FUNCTION_MAXNAMELEN);
>include/linux/netfilter/x_tables.h:71: char errorname[XT_FUNCTION_MAXNAMELEN];
>libarptc/libarptc_incl.c:827: memset(t->target.u.user.name, 0, FUNCTION_MAXNAMELEN);
or change like this :
diff --git a/libarptc/libarptc.c b/libarptc/libarptc.c
index 0025a75..19b73d0 100644
--- a/libarptc/libarptc.c
+++ b/libarptc/libarptc.c
@@ -47,7 +47,7 @@ typedef unsigned int socklen_t;
#define ENTRY_ITERATE ARPT_ENTRY_ITERATE
#define TABLE_MAXNAMELEN ARPT_TABLE_MAXNAMELEN
-#define FUNCTION_MAXNAMELEN ARPT_FUNCTION_MAXNAMELEN
+#define FUNCTION_MAXNAMELEN XT_EXTENSION_MAXNAMELEN
#define GET_TARGET arpt_get_target
>>> >
>>> >Otherwise, the revision number is zeroed.
>>> >
>>> >And you don't need: http://patchwork.ozlabs.org/patch/455965/.
>>> >
>>> >Please, rebase your userspace patches on top of current arptables git
>>> >and resubmit. Thanks.
>>>
>>> get it 。will do。
>>> why arptables --set-mark can work , when add NFPROTO_ARP to xt_mark ?
>>
>>I guess you're still using the userspace patches you sent.
>>
>>If you rebase on top of current arptables HEAD, that will not work.N�����r��y���b�X��ǧv�^�){.n�+���z��u�ޖ)���w*�jg���������ݢj/���z�ޖ��2�ޙ���&�)ߡ�a������G���h���j:+v���w�٥��.n��������+%�������w��{.n����z�����n�r�������&��z�ޗ�zf���h���~����������_��+v���)ߣ�
