On Wed, Jul 07, 2021 at 12:52:31AM +0200, Pablo Neira Ayuso wrote: > On Tue, Jul 06, 2021 at 03:36:48PM +1000, Duncan Roe wrote: > > A user will typically copy nf-queue.c, make changes and compile: picking up > > /usr/include/linux/nfnetlink_queue.h rather than > > /usr/include/libnetfilter_queue/linux_nfnetlink_queue.h as is recommended. > > > > libnetfilter_queue.h already includes linux_nfnetlink_queue.h so we only need > > to delete the errant line. > > > > (Running `make nf-queue` from within libnetfilter_queue/examples will get > > the private cached version of nfnetlink_queue.h which is not distributed). > > > > Signed-off-by: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx> > > --- > > v2: Don't insert a new #include > > Doesn't clash with other nearby patch > > examples/nf-queue.c | 1 - > > 1 file changed, 1 deletion(-) > > > > diff --git a/examples/nf-queue.c b/examples/nf-queue.c > > index 3da2c24..e4b33b5 100644 > > --- a/examples/nf-queue.c > > +++ b/examples/nf-queue.c > > @@ -11,7 +11,6 @@ > > #include <linux/netfilter/nfnetlink.h> > > > > #include <linux/types.h> > > -#include <linux/netfilter/nfnetlink_queue.h> > > I remember now what the intention was. > > This include is fine as is: new applications should cache a copy of > nfnetlink_queue.h in their own tree, that's the recommended way to go. > This is the approach that we follow in other existing userspace > netfilter codebase (ie. the userspace program caches the kernel UAPI > header in the tree). The linux_nfnetlink_queue.h header is a legacy > file only for backward compatibility, it should not be used for new > software. This is not documented, the use of this include in > examples/nf-queue.c was intentional. > > This approach also allows to fall back to the UAPI kernel headers that > are installed in your system. > > Thanks. Thanks for explaining. But I do see a glitch: if you put > #include <libnetfilter_queue/libnetfilter_queue.h> before > #include <linux/netfilter/nfnetlink_queue.h> then you will get libnetfilter_queue/linux_nfnetlink_queue.h because libnetfilter_queue.h includes it. IMHO it's highly undesirable for the order of #include stmts to make a difference and we should do something about it. If you like, I can submit a patch to remove the linux_nfnetlink_queue.h include from libnetfilter_queue.h and add nfnetlink_queue.h to any sources which then fail to compile. Should I? Cheers ... Duncan.
