On Fri, Aug 24, 2018 at 01:26:57PM +0200, Phil Sutter wrote:
> Of all possible TCP flags, 'ecn' is special since it is recognized by
> lex as a keyword (there is a a field in IPv4 and IPv6 headers with the
> same name). Therefore it is listed in keyword_expr, but that was
> sufficient for RHS
Hi Phil,
On Wed, Oct 03, 2018 at 09:00:51PM +0200, Phil Sutter wrote:
> On Wed, Oct 03, 2018 at 05:28:24PM +0200, Pablo Neira Ayuso wrote:
> > On Fri, Aug 24, 2018 at 01:26:57PM +0200, Phil Sutter wrote:
> > > Of all possible TCP flags, 'ecn' is special since it is recognized by
> > > lex as a
Hi Pablo,
On Wed, Oct 03, 2018 at 05:28:24PM +0200, Pablo Neira Ayuso wrote:
> On Fri, Aug 24, 2018 at 01:26:57PM +0200, Phil Sutter wrote:
> > Of all possible TCP flags, 'ecn' is special since it is recognized by
> > lex as a keyword (there is a a field in IPv4 and IPv6 headers with the
> > same
Signed-off-by: Pablo Neira Ayuso
---
include/netlink.h | 1 -
src/netlink.c | 5 -
src/rule.c| 5 +++--
3 files changed, 3 insertions(+), 8 deletions(-)
diff --git a/include/netlink.h b/include/netlink.h
index d153e2be03ac..4925af04a707 100644
--- a/include/netlink.h
+++
Hi,
A bunch of assorted updates:
1) Remove json code, we have better support these days in libnftables.
So we can deprecate the existing code in libnftnl.
2) Peel off the netlink layer sitting between the command and mnl
layers. This is just preparation works for the extended error
The netlink layer sits in between the mnl and the rule layers, remove
it. We can remove alloc_nftnl_chain() and consolidate infrastructure in
the src/mnl.c file.
Signed-off-by: Pablo Neira Ayuso
---
include/mnl.h | 10 +++---
include/netlink.h | 8 -
src/mnl.c | 98
We have better json support these days, remove libnftnl json support.
Signed-off-by: Pablo Neira Ayuso
---
src/netlink.c | 276 +-
1 file changed, 2 insertions(+), 274 deletions(-)
diff --git a/src/netlink.c b/src/netlink.c
index
The netlink layer sits in between the mnl and the rule layers, remove
it. We can remove alloc_nftnl_table() and consolidate infrastructure in
the src/mnl.c file.
Signed-off-by: Pablo Neira Ayuso
---
include/mnl.h | 9 +
include/netlink.h | 7 ---
src/mnl.c | 55
On Wed, Oct 03, 2018 at 05:28:24PM +0200, Pablo Neira Ayuso wrote:
[...]
> On Fri, Aug 24, 2018 at 01:26:57PM +0200, Phil Sutter wrote:
> > diff --git a/tests/py/inet/tcp.t b/tests/py/inet/tcp.t
> > index d66ba8438a32f..f96e3634f41ed 100644
> > --- a/tests/py/inet/tcp.t
> > +++
Hi Fernando,
A few comments.
On Sat, Sep 29, 2018 at 12:18:51PM +0200, Fernando Fernandez Mancera wrote:
> Add ttl option support to the nftables "osf" expression.
>
> Signed-off-by: Fernando Fernandez Mancera
> ---
> v1: initial patch
> v2: code correctness and fix the "~" typo.
> ---
>
Hi Phil,
On Fri, Aug 24, 2018 at 01:26:57PM +0200, Phil Sutter wrote:
> Of all possible TCP flags, 'ecn' is special since it is recognized by
> lex as a keyword (there is a a field in IPv4 and IPv6 headers with the
> same name). Therefore it is listed in keyword_expr, but that was
> sufficient
No need to keep iterating once the range object has been allocated.
Signed-off-by: Pablo Neira Ayuso
---
src/segtree.c | 10 ++
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/src/segtree.c b/src/segtree.c
index dc2554b72acf..dc457d6bc1b7 100644
--- a/src/segtree.c
+++
Release set and elements in case of error.
Signed-off-by: Pablo Neira Ayuso
---
src/rule.c | 8 +++-
1 file changed, 3 insertions(+), 5 deletions(-)
diff --git a/src/rule.c b/src/rule.c
index e6d61b670688..6d027c261f97 100644
--- a/src/rule.c
+++ b/src/rule.c
@@ -2190,17 +2190,15 @@ static
On Fri, Sep 28, 2018 at 06:17:31PM +0200, Phil Sutter wrote:
> This command is currently broken when used in sets with ranges. Test
> various variants against known data and check if output is as expected.
Applied, thanks.
Release set content on error. Moreover, release input set content in
case we finally manage to decompose it.
Signed-off-by: Pablo Neira Ayuso
---
src/segtree.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/segtree.c b/src/segtree.c
index 0d53c83fd837..dc2554b72acf 100644
---
This function overrides the left pointer. Instead update this function
to return the range that we found to enclose the left element. Note that
we may not find a closing right element - therefore, it is a standalone
element - in that case this function returns NULL.
Reported-by: Phil Sutter
16 matches
Mail list logo