Hi Pablo, On Mon, 18 Sep 2017 18:28:11 +0200 Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote: > > > > + /* Fixes the match info after init. */ > > + void (*tc_init_fixup)(struct xt_entry_match *match); > > If this is only broken from tc ipt actions, could you fix this from > iproute2/tc instead? No, this is not iproute2/tc specfic. We named it 'tc_init_fixup' as it occurs just after the TC_INIT (iptc_init/ip6tc_init) call. If this is confusing, we can rename to 'init_fixup' or 'post_init_fixup' or 'iptc_init_fixup'. This must occur after every load of entries, as the xt_bpf match needs a fixup once read from kernel. The problem lies in the xt_bpf_info_v1 ABI. See: https://marc.info/?l=netfilter-devel&m=150530909630143&w=2 Regards, Shmulik -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
