Hi Thierry, On Mon, Jan 15, 2018 at 01:56:09PM +0100, Thierry Du Tre wrote: > Hi Pablo, > > I prepared this third version to get aligned about the way forward for the extension for struct nf_nat_range. > > Renaming the old definition as you suggested indeed results in a much smaller patch for netfilter kernel part. > However, doing it like this also means that userspace code will require changes to cope with the new value for sizeof(struct nf_nat_range). > > i.e. iptables-1.6.1 : > > ./extensions/libip6t_SNAT.c:306: .userspacesize = XT_ALIGN(sizeof(struct nf_nat_range)), > ./extensions/libip6t_DNAT.c:290: .userspacesize = XT_ALIGN(sizeof(struct nf_nat_range)), > ./extensions/libip6t_NETMAP.c:89: .userspacesize = XT_ALIGN(sizeof(struct nf_nat_range)), > ./extensions/libip6t_MASQUERADE.c:159: .userspacesize = XT_ALIGN(sizeof(struct nf_nat_range)), > ./extensions/libip6t_REDIRECT.c:158: .userspacesize = XT_ALIGN(sizeof(struct nf_nat_range)), > > As far as I understand, all these xt target modules will have to increment their revision which makes them incompatible with current kernel versions. > The other option is to replace all occurences of nf_nat_range with nf_nat_range1 in these userspace libraries. > That would solve iptables but possible other applications might also be impacted ? > > Somehow this doesn't seem right to me, so I might have misinterpreted your earlier response. I guess you need to add new revisions for the userspace code too, right? Am I missing anything? -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
