On Fri, Dec 25, 2015 at 5:43 PM, Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote:
> On Wed, Dec 23, 2015 at 08:03:33PM +0530, Shivani Bhardwaj wrote:
>> static struct xtables_match connmark_mt_reg[] = {
>> {
>> .family = NFPROTO_UNSPEC,
>> @@ -135,6 +178,7 @@ static struct xtables_match connmark_mt_reg[] = {
>> .save = connmark_save,
>> .x6_parse = connmark_parse,
>> .x6_options = connmark_mt_opts,
>> + .xlate = connmark_xlate,
>> },
>> {
>> .version = XTABLES_VERSION,
>> @@ -148,6 +192,7 @@ static struct xtables_match connmark_mt_reg[] = {
>> .save = connmark_mt_save,
>> .x6_parse = connmark_mt_parse,
>> .x6_options = connmark_mt_opts,
>> + .xlate = connmark_mt_xlate,
>
> Careful.
>
> The different revisions use different structure definitions, ie. the
> structure binary layout is different, therefore you cannot reuse the
> same connmark_mt_xlate() for the two different revision.
>
> Let me make sure I clarify this, this is revision 0:
>
> struct xt_connmark_info {
> unsigned long mark, mask;
> uint8_t invert;
> };
>
> This is revision 1:
>
> struct xt_connmark_mtinfo1 {
> __u32 mark, mask;
> __u8 invert;
> };
>
> The size of unsigned long depends on the architecture, so this code
> will not work correctly.
>
> You have to add a connmark_mt_xlate_v0() and connmark_mt_xlate_v1(),
> in each of these functions you have to cast data to the right
> structure layout.
>
> Thanks.
Thanks for explaining. I understand it now but why is this patch
wrong? I have used connmark_xlate() and connmark_mt_xlate() in their
respective places. Do I still get it wrong?
I'm correcting this mistake for MARK.
Thank you
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
