On Thu, May 31, 2018 at 08:07:04AM +0200, Máté Eckl wrote: > On Wed, May 30, 2018 at 08:56:46PM +0200, Pablo Neira Ayuso wrote: > > On Wed, May 30, 2018 at 08:54:41PM +0200, Florian Westphal wrote: > > > Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote: > > > > I suspect you're missing some code in the evaluation phase? > > > > > > > > So you get left->len 1 and right->len 4? > > > > > > Yes, meta template sets len of 1, where as RHS is 8 bit. > > > > > > This can be fixed up during delinearization, in this case > > > we can know that kernel actually stores 1 byte. > > > > > > The 'template says its 1 bit' is only to force an error when > > > someone asks to match 'socket transparent 3'. > > > > > > I asked Mate to send this patch to help with future debugging, > > > so one can see what the mismatching values are. > > > > Use 8 bit field. I guess this will simplify things and it will map to > > what we have in the kernel. > > I just wanted to make sure that the only accepted values are 0 and 1 and I > didn't find other way to provide this check. You can reject this from the evaluation phase. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
