Hi Florian,
2017-04-15 18:26 GMT+08:00 Florian Westphal <fw@xxxxxxxxx>:
[...]
> +#ifdef CONFIG_NF_CONNTRACK_EVENTS
> + case NFT_CT_EVENTMASK: {
> + struct nf_conntrack_ecache *e = nf_ct_ecache_find(ct);
> + u16 ctmask = nft_reg_load16(®s->data[priv->sreg]);
Hmm, I find that in nft utility, this ctmask is defined as a 32 bit value.
So using nft_reg_load16 maybe wrong. In order to avoid ambiguity,
I think it's better to convert it to "u32 ctmask = regs->data[priv->sreg];".
Referring to http://patchwork.ozlabs.org/patch/751013/:
+static const struct datatype ct_event_type = {
+ .type = TYPE_CT_EVENTBIT,
+ .name = "ct_event",
+ .desc = "conntrack event bits",
+ .byteorder = BYTEORDER_HOST_ENDIAN,
+ .size = 4 * BITS_PER_BYTE,
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> +
> + if (e) {
> + if (e->ctmask != ctmask)
> + e->ctmask = ctmask;
> + break;
> + }
> +
> + if (ctmask && !nf_ct_is_confirmed(ct))
> + nf_ct_ecache_ext_add(ct, ctmask, 0, GFP_ATOMIC);
> + break;
> + }
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
