rapper and has a different syntax
so the command fails.
>
> Maybe if you point out the bug, I can look after it.
A possible solution is to update configure.ac to check that docbook2man
(if found) accept the correct option.
BR,
--
Eric
>
> Regards,
> Máté
>
> On Mon
Signed-off-by: Eric Leblond
---
tests/py/nft-test.py | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/tests/py/nft-test.py b/tests/py/nft-test.py
index 1c736be..e4367ad 100755
--- a/tests/py/nft-test.py
+++ b/tests/py/nft-test.py
@@ -19,11 +19,11 @@ import argparse
import
docbook2man can not be used with the same option so let's remove
it from the alternative. Fedora and debian seems to be fine with
that.
---
configure.ac | 9 +++--
1 file changed, 3 insertions(+), 6 deletions(-)
diff --git a/configure.ac b/configure.ac
index 4d21cb4..9f5d0f9 100644
---
---
configure.ac | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/configure.ac b/configure.ac
index 3c5ba4d..5705702 100644
--- a/configure.ac
+++ b/configure.ac
@@ -82,7 +82,7 @@ AM_COND_IF([BUILD_PDF], [
AS_IF([test "$need_a2x" = "yes"], [
AC_CHECK_PROG(A2X, [a2x],
It will be distributed separately so this worth setting things
correctly.
---
py/nftables.py | 16
1 file changed, 16 insertions(+)
diff --git a/py/nftables.py b/py/nftables.py
index d613505..e725c56 100644
--- a/py/nftables.py
+++ b/py/nftables.py
@@ -1,3 +1,19 @@
---
doc/Makefile.am | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/doc/Makefile.am b/doc/Makefile.am
index 9796d34..1ec3b3e 100644
--- a/doc/Makefile.am
+++ b/doc/Makefile.am
@@ -9,19 +9,19 @@ endif
pdfdir=${docdir}/pdf
.xml.pdf:
- ${AM_V_GEN}dblatex -q -t
---
configure.ac | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/configure.ac b/configure.ac
index 5705702..4d21cb4 100644
--- a/configure.ac
+++ b/configure.ac
@@ -108,7 +108,7 @@ AC_SUBST(with_cli)
AM_CONDITIONAL([BUILD_CLI], [test "x$with_cli" != xno])
setup.py is used to build and install the python binding. Call
to setup.py are done in Makefile to proceed to build and
installation.
---
Makefile.am| 3 ++-
configure.ac | 24
py/.gitignore | 4
py/Makefile.am | 31 +++
Move import and use explicit parameter in object creation.
---
tests/py/nft-test.py | 7 +--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/tests/py/nft-test.py b/tests/py/nft-test.py
index c02294a..fdc1cd5 100755
--- a/tests/py/nft-test.py
+++ b/tests/py/nft-test.py
@@ -19,6
Hello,
Here is the update of previous patchset with improvement on python
detection. It is now possible to specify which python binary to use
at configure time.
Following discussion with Phil Sutter, a version check is remaining. I
will try to send that soon.
BR,
--
Eric Leblond
Hi,
On Mon, 2018-06-18 at 13:51 +0200, Eric Leblond wrote:
> setup.py is used to build and install the python binding. Call
> to setup.py are done in Makefile to proceed to build and
> installation.
> ---
> Makefile.am| 3 ++-
...
> + 'Intended Audi
Hello,
Here is a small patchset providing installation of the nftables
python binding and fixing a series of small issues (biggest one
is the fix of distcheck).
Best Regards,
--
Eric Leblond
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" i
setup.py is used to build and install the python binding. Call
to setup.py are done in Makefile to proceed to build and
installation.
---
Makefile.am| 3 ++-
configure.ac | 6 ++
py/Makefile.am | 31 +++
py/__init__.py | 1 +
py/nftables.py | 2 ++
---
doc/Makefile.am | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/doc/Makefile.am b/doc/Makefile.am
index 9796d34..1ec3b3e 100644
--- a/doc/Makefile.am
+++ b/doc/Makefile.am
@@ -9,19 +9,19 @@ endif
pdfdir=${docdir}/pdf
.xml.pdf:
- ${AM_V_GEN}dblatex -q -t
It will be distributed separately so this worth setting things
correctly.
---
py/nftables.py | 16
1 file changed, 16 insertions(+)
diff --git a/py/nftables.py b/py/nftables.py
index d613505..e725c56 100644
--- a/py/nftables.py
+++ b/py/nftables.py
@@ -1,3 +1,19 @@
Move import and use explicit parameter in object creation.
---
tests/py/nft-test.py | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/tests/py/nft-test.py b/tests/py/nft-test.py
index c02294a..cbdff98 100755
--- a/tests/py/nft-test.py
+++ b/tests/py/nft-test.py
@@ -18,6
---
configure.ac | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/configure.ac b/configure.ac
index 3c5ba4d..5705702 100644
--- a/configure.ac
+++ b/configure.ac
@@ -82,7 +82,7 @@ AM_COND_IF([BUILD_PDF], [
AS_IF([test "$need_a2x" = "yes"], [
AC_CHECK_PROG(A2X, [a2x],
---
configure.ac | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/configure.ac b/configure.ac
index 5705702..4d21cb4 100644
--- a/configure.ac
+++ b/configure.ac
@@ -108,7 +108,7 @@ AC_SUBST(with_cli)
AM_CONDITIONAL([BUILD_CLI], [test "x$with_cli" != xno])
---
py/.gitignore | 4
1 file changed, 4 insertions(+)
diff --git a/py/.gitignore b/py/.gitignore
index 0d20b64..09c1e62 100644
--- a/py/.gitignore
+++ b/py/.gitignore
@@ -1 +1,5 @@
*.pyc
+build/
+dist/
+lib.*/
+nftables.egg-info/
--
2.17.1
--
To unsubscribe from this list: send the line
Following discussion with Phil Sutter, set author to Netfilter
project and use coreteam mail.
---
py/setup.py | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/py/setup.py b/py/setup.py
index 663574a..4154560 100755
--- a/py/setup.py
+++ b/py/setup.py
@@ -5,8 +5,8 @@ from
Hi,
On Mon, 2017-09-04 at 22:53 +0200, Pablo Neira Ayuso wrote:
> On Mon, Sep 04, 2017 at 10:43:48PM +0200, Pablo Neira Ayuso wrote:
> > On Mon, Sep 04, 2017 at 09:55:58AM +0200, Eric Leblond wrote:
> > > This patch introduces the nft_print function that has to be used
>
the libnftables library to provide an
easy way to the users to get the output data and display them like
they want.
Signed-off-by: Eric Leblond <e...@regit.org>
---
include/datatype.h | 5 +-
include/expression.h | 2 +-
include/nftables.h | 5 ++
src/cli.c| 1 +
sr
By adding flags to nft_ctx_new, we will have a minimum capabilities
of changing the way the nft_ctx is created.
For now, this patch uses a simple value that allow the user to specify
that he will handle netlink by himself.
Signed-off-by: Eric Leblond <e...@regit.org>
---
include/nftables.
Hi,
This patchset update previous one following Pablo's suggestion:
* remove unused custom netlink flag
* rename ouput function to nft_print
* change default output buffer size to 4k instead of 128 that was used
for debug (and causing a lot of realloc)
BR,
--
Eric
--
To unsubscribe from this
Hi,
On Mon, 2017-09-04 at 00:34 +0200, Pablo Neira Ayuso wrote:
> On Mon, Sep 04, 2017 at 12:03:56AM +0200, Eric Leblond wrote:
> > This patch introduces the nft_print_to_output_ctx function that has
> > to be used instead of printf to output information that where
> > prev
Hi,
On Mon, 2017-09-04 at 00:45 +0200, Pablo Neira Ayuso wrote:
> On Mon, Sep 04, 2017 at 12:33:09AM +0200, Pablo Neira Ayuso wrote:
> > On Mon, Sep 04, 2017 at 12:03:55AM +0200, Eric Leblond wrote:
> > > By adding flags to nft_ctx_new, we will have a minimum
> > > cap
By adding flags to nft_ctx_new, we will have a minimum capabilities
of changing the way the nft_ctx is created.
For now, this patch uses a simple value that allow the user to specify
that he will handle netlink by himself.
Signed-off-by: Eric Leblond <e...@regit.org>
---
include/nftables.
Hi,
Here is two patches relative to libnftables preparation work.
The first one it changing the way a nft_ctx is created to be able
to skip the netlink init function call and also to have some freedom
later.
The second one is getting the printf out. This is completely changed
from what was
will allow the libnftables library to provide an
easy way to the users to get the output data and display them like
they want.
Signed-off-by: Eric Leblond <e...@regit.org>
---
include/datatype.h | 5 +-
include/expression.h | 2 +-
include/nftables.h | 5 ++
src/cli.c
Hi,
On Fri, 2017-08-25 at 11:59 +0200, Pablo Neira Ayuso wrote:
> On Sat, Aug 19, 2017 at 05:24:15PM +0200, Eric Leblond wrote:
> > This function allows user to set his own printing function. It is
> > still dependant of the format used by nft but at least it can be
> &
Hi,
On Thu, 2017-08-24 at 18:02 +0200, Pablo Neira Ayuso wrote:
> On Mon, Aug 21, 2017 at 09:12:49PM +0200, Eric Leblond wrote:
> [...]
> > On Mon, 2017-08-21 at 10:37 +0200, Pablo Neira Ayuso wrote:
>
> [...]
> > > > diff --git a/src/libnftables.c b/src/libnf
y way I find to do this is to - yick - add a flag to
> nft_ctx_new().
Agree with the flag idea. This will add a minimum flexibility to the
structure creation.
Regarding the patch, I'm good with it.
Acked-by: Eric Leblond <e...@regit.org>
++
--
Eric Leblond <e...@regit.org>
--
To unsubscr
as "don't handle netlink" or
"handle netlink". But setting the info could also be done in another
function so I let you decide.
++
> Thanks.
>
>
> On Sat, Aug 19, 2017 at 05:24:06PM +0200, Eric Leblond wrote:
> > Signed-off-by: Eric Leblond <e...@regit.
Hi,
On Tue, 2017-08-22 at 14:37 +0200, Pablo Neira Ayuso wrote:
> On Mon, Aug 21, 2017 at 09:21:06PM +0200, Eric Leblond wrote:
> > On Mon, 2017-08-21 at 11:44 +0200, Pablo Neira Ayuso wrote:
> > > On Mon, Aug 21, 2017 at 11:06:19AM +0200, Eric Leblond wrote:
>
> [...]
Hi,
On Mon, 2017-08-21 at 11:44 +0200, Pablo Neira Ayuso wrote:
> On Mon, Aug 21, 2017 at 11:06:19AM +0200, Eric Leblond wrote:
> > Hi,
> >
> > On Mon, 2017-08-21 at 10:45 +0200, Pablo Neira Ayuso wrote:
> > > On Mon, Aug 21, 2017 at 10:23:44AM +0200,
Hi,
On Mon, 2017-08-21 at 10:37 +0200, Pablo Neira Ayuso wrote:
> On Sat, Aug 19, 2017 at 05:24:17PM +0200, Eric Leblond wrote:
> > As memory handling is defficient if we don't do so, we can't really
> > use a non 1 value for the parameter in the library due to memory
> >
Hello,
On Mon, 2017-08-21 at 10:27 +0200, Pablo Neira Ayuso wrote:
> On Sat, Aug 19, 2017 at 05:24:10PM +0200, Eric Leblond wrote:
> > This patch also avoids double definition of global vars.
> >
> > Signed-off-by: Eric Leblond <e...@regit.org>
> > ---
>
Hi,
On Mon, 2017-08-21 at 10:10 +0200, Pablo Neira Ayuso wrote:
> Hi Eric,
>
> On Sat, Aug 19, 2017 at 05:24:03PM +0200, Eric Leblond wrote:
> > If one of the command is failing we should return an error.
>
> Is this fixing up a real issue or it is something you need in
Hi,
On Mon, 2017-08-21 at 10:45 +0200, Pablo Neira Ayuso wrote:
> On Mon, Aug 21, 2017 at 10:23:44AM +0200, Pablo Neira Ayuso wrote:
> > On Sat, Aug 19, 2017 at 05:24:07PM +0200, Eric Leblond wrote:
> > > Signed-off-by: Eric Leblond <e...@regit.org>
> > > ---
&
that can be used to modify
the max_errors parameter. It is used in main to keep the existing
behavior.
Signed-off-by: Eric Leblond <e...@regit.org>
---
include/nftables/nftables.h | 1 +
src/libnftables.c | 8 +++-
src/main.c | 1 +
3 files changed, 9 insertions
This function allows user to set his own printing function. It is
still dependant of the format used by nft but at least it can be
redirected easily.
Signed-off-by: Eric Leblond <e...@regit.org>
---
include/nftables/nftables.h | 3 +++
src/libnftables.c | 9 +
2 files c
Signed-off-by: Eric Leblond <e...@regit.org>
---
src/libnftables.c | 1 +
src/main.c| 1 -
2 files changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/libnftables.c b/src/libnftables.c
index 19d539c..2228156 100644
--- a/src/libnftables.c
+++ b/src/libnftables.c
@@ -50,6
Hide this structure from the user, this allows simplify the simple
functions by just providing easy and meaningfull arguments.
Signed-off-by: Eric Leblond <e...@regit.org>
---
include/cli.h | 2 +-
include/nftables.h | 13 +++--
include/nftables/nftables.
It had a nft_get_error to be able to fetch existing errors and get
them into a buffer that can be later used by the application.
Signed-off-by: Eric Leblond <e...@regit.org>
---
include/nftables.h | 1 +
include/nftables/nftables.h | 1 +
src/libnftables.c
Use a custom print function that user will be able to set instead of
using a direct call to printf.
Signed-off-by: Eric Leblond <e...@regit.org>
---
include/datatype.h | 5 +-
include/expression.h | 2 +-
include/nftables.h | 2 +
src/ct.c | 20 +++
src/data
Document libnftables and provide a Doxyfile example.
Signed-off-by: Eric Leblond <e...@regit.org>
---
Doxyfile | 2495 +
src/libnftables.c | 211 -
2 files changed, 2705 insertions(+), 1 deletion(-)
create mode 100644 Do
Signed-off-by: Eric Leblond <e...@regit.org>
---
src/libnftables.c | 3 ---
1 file changed, 3 deletions(-)
diff --git a/src/libnftables.c b/src/libnftables.c
index b1df916..1abe077 100644
--- a/src/libnftables.c
+++ b/src/libnftables.c
@@ -26,9 +26,6 @@
unsigned int max_erro
Signed-off-by: Eric Leblond <e...@regit.org>
---
include/nftables.h | 1 +
include/nftables/nftables.h | 3 +++
src/libnftables.c | 20
src/main.c | 29 ++---
4 files changed, 38 insertions(+), 15 del
Add global init and deinit functions.
Signed-off-by: Eric Leblond <e...@regit.org>
---
configure.ac | 4
include/Makefile.am | 2 +-
include/nftables/Makefile.am | 2 ++
include/nftables/nftables.h | 20 +
src/Makefile.am
Hello,
This patchset is the second version of libnftables introduction patchset.
It addresses some remarks by Phil Sutter. Other remarks as said on the ML
are in fact TODO points that can be adressed later.
This patchset also fixes issues with error handling and adds documentation
in doxygen
Signed-off-by: Eric Leblond <e...@regit.org>
---
include/nftables/nftables.h | 3 +++
src/libnftables.c | 26 +-
src/main.c | 19 ---
3 files changed, 36 insertions(+), 12 deletions(-)
diff --git a/include/nftables/nftabl
Signed-off-by: Eric Leblond <e...@regit.org>
---
include/nftables.h| 4 --
include/nftables_common.h | 18
src/Makefile.am | 1 +
src/cli.c | 1 +
src/libnftables.c | 2 +
src/main.c
Add new function to read nftables command from a file
Signed-off-by: Eric Leblond <e...@regit.org>
---
include/nftables/nftables.h | 2 ++
src/libnftables.c | 25 +
src/main.c | 16 +++-
3 files changed, 30 insertions(
Signed-off-by: Eric Leblond <e...@regit.org>
---
include/erec.h | 1 +
src/erec.c | 10 ++
2 files changed, 11 insertions(+)
diff --git a/include/erec.h b/include/erec.h
index 36e0efa..befc274 100644
--- a/include/erec.h
+++ b/include/erec.h
@@ -60,6 +60,7 @@ static inlin
Hi,
On Thu, 2017-08-17 at 11:35 +0200, Phil Sutter wrote:
> On Wed, Aug 16, 2017 at 10:43:00PM +0200, Eric Leblond wrote:
> > Signed-off-by: Eric Leblond <e...@regit.org>
> > ---
> > src/libnftables.c | 2 ++
> > src/main.c| 1 -
> > 2 fil
Hi,
On Thu, 2017-08-17 at 12:32 +0200, Phil Sutter wrote:
> On Wed, Aug 16, 2017 at 10:43:09PM +0200, Eric Leblond wrote:
> [...]
> > diff --git a/src/libnftables.c b/src/libnftables.c
> > index c50c068..a42e8f1 100644
> > --- a/src/libnftables.c
> > +++ b/src/li
Hi,
On Thu, 2017-08-17 at 12:01 +0200, Phil Sutter wrote:
> On Wed, Aug 16, 2017 at 10:43:04PM +0200, Eric Leblond wrote:
> [...]
> > diff --git a/include/nftables.h b/include/nftables.h
> > index 348fbb0..ddff5d8 100644
> > --- a/include/nftables.h
> > +++ b/include
Hi,
On Thu, 2017-08-17 at 19:13 +0200, Phil Sutter wrote:
> Hey,
>
> On Thu, Aug 17, 2017 at 07:09:02PM +0200, Eric Leblond wrote:
> > On Thu, 2017-08-17 at 10:57 +0200, Phil Sutter wrote:
> > > On Wed, Aug 16, 2017 at 10:42:55PM +0200, Eric Leblond wrote:
Hi,
On Thu, 2017-08-17 at 10:57 +0200, Phil Sutter wrote:
> On Wed, Aug 16, 2017 at 10:42:55PM +0200, Eric Leblond wrote:
> [...]
> > diff --git a/src/libnftables.c b/src/libnftables.c
> > new file mode 100644
> > index 000..215179a
> > --- /dev/null
> >
Hi,
On Thu, 2017-08-17 at 10:32 +0200, Arturo Borrero Gonzalez wrote:
> On 16 August 2017 at 22:42, Eric Leblond <e...@regit.org> wrote:
> >
> > Hello,
> >
> > This patchset adds a basi high level libnftables to nftables code.
> > It is currently sup
Signed-off-by: Eric Leblond <e...@regit.org>
---
src/libnftables.c | 2 ++
src/main.c| 1 -
2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/libnftables.c b/src/libnftables.c
index 6599248..6d4aceb 100644
--- a/src/libnftables.c
+++ b/src/libnftables.c
@@ -33,6
Signed-off-by: Eric Leblond <e...@regit.org>
---
include/netlink.h | 5 +++
include/nftables/nftables.h | 7
src/libnftables.c | 89 +
3 files changed, 101 insertions(+)
diff --git a/include/netlink.h b/include/net
Use a custom print function that user will be able to set instead of
using a direct call to printf.
Signed-off-by: Eric Leblond <e...@regit.org>
---
include/datatype.h | 5 +-
include/expression.h | 2 +-
include/nftables.h | 2 +
src/ct.c | 20 +++
src/data
Add global init and deinit functions.
Signed-off-by: Eric Leblond <e...@regit.org>
---
configure.ac | 4
include/Makefile.am | 2 +-
include/nftables/Makefile.am | 2 ++
include/nftables/nftables.h | 20 +
src/Makefile.am
Hello,
This patchset adds a basi high level libnftables to nftables code.
It is currently supporting running a command from a buffer or from
a file as well as batch support allowing to chain commands and commit
them at once.
The API is mostly using existing structures such as nft_ctx that are
So it can be used by client to check function return.
Signed-off-by: Eric Leblond <e...@regit.org>
---
include/nftables.h | 7 ---
include/nftables/nftables.h | 7 +++
src/netlink.c | 1 +
src/utils.c | 1 +
4 files changed, 9 insertions
Hide this structure from the user, this allows simplify the simple
functions by just providing easy and meaningfull arguments.
Signed-off-by: Eric Leblond <e...@regit.org>
---
include/cli.h | 2 +-
include/nftables.h | 13 +++--
include/nftables/nftables.
that can be used to modify
the max_errors parameter. It is used in main to keep the existing
behavior.
Signed-off-by: Eric Leblond <e...@regit.org>
---
include/nftables/nftables.h | 1 +
src/libnftables.c | 8 +++-
src/main.c | 1 +
3 files changed, 9 insertions
Signed-off-by: Eric Leblond <e...@regit.org>
---
src/libnftables.c | 1 +
src/main.c| 1 -
2 files changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/libnftables.c b/src/libnftables.c
index 864156c..72e6efa 100644
--- a/src/libnftables.c
+++ b/src/libnftables.c
@@ -50,6
Signed-off-by: Eric Leblond <e...@regit.org>
---
include/nftables/nftables.h | 3 +++
src/libnftables.c | 26 +-
src/main.c | 21 +
3 files changed, 37 insertions(+), 13 deletions(-)
diff --git a/include/nftables/nfta
This function allows user to set his own printing function. It is
still dependant of the format used by nft but at least it can be
redirected easily.
Signed-off-by: Eric Leblond <e...@regit.org>
---
include/nftables/nftables.h | 3 +++
src/libnftables.c | 9 +
2 files c
Signed-off-by: Eric Leblond <e...@regit.org>
---
include/erec.h | 1 +
src/erec.c | 10 ++
2 files changed, 11 insertions(+)
diff --git a/include/erec.h b/include/erec.h
index 36e0efa..befc274 100644
--- a/include/erec.h
+++ b/include/erec.h
@@ -60,6 +60,7 @@ static inlin
Add new function to read nftables command from a file
Signed-off-by: Eric Leblond <e...@regit.org>
---
include/nftables/nftables.h | 2 ++
src/libnftables.c | 25 +
src/main.c | 16 +++-
3 files changed, 30 insertions(
Signed-off-by: Eric Leblond <e...@regit.org>
---
include/nftables.h| 4 --
include/nftables_common.h | 18
src/Makefile.am | 1 +
src/cli.c | 1 +
src/libnftables.c | 2 +
src/main.c
It had a nft_get_error to be able to fetch existing errors and get
them into a buffer that can be later used by the application.
Signed-off-by: Eric Leblond <e...@regit.org>
---
include/nftables.h | 1 +
include/nftables/nftables.h | 1 +
src/libnftables.c
Signed-off-by: Eric Leblond <e...@regit.org>
---
src/libnftables.c | 51 +++
1 file changed, 51 insertions(+)
diff --git a/src/libnftables.c b/src/libnftables.c
index a42e8f1..a9e54c4 100644
--- a/src/libnftables.c
+++ b/src/libnftables.c
@@
: AddressSanitizer: 13 byte(s) leaked in 1 allocation(s).
Signed-off-by: Eric Leblond <e...@regit.org>
---
src/parser_bison.y | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/parser_bison.y b/src/parser_bison.y
index a8448e1..c505a04 100644
--- a/src/parser_bison.y
+++ b/src/parser_b
int cmd;
^
= 0
Signed-off-by: Eric Leblond <e...@regit.org>
---
src/parser_bison.y | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/parser_bison.y b/src/parser_bison.y
index c505a04..b898e1c 100644
--- a/src/parser_bison.y
+++ b/src/parser_biso
Hi,
Here's a small patchset fixing some memory leaks in nftables. Most
of them have been found using ASAN.
There is still a problem in memory handling due to the max_errors
system that stack errors to avoid an exit on first error. The
consequence is that the bison parser is loosing track of its
To be able to do so we duplicate the name in the indesc if it is
set.
Signed-off-by: Eric Leblond <e...@regit.org>
---
src/erec.c| 5 +
src/scanner.l | 11 +--
2 files changed, 14 insertions(+), 2 deletions(-)
diff --git a/src/erec.c b/src/erec.c
index eacdd97..439add9
Signed-off-by: Eric Leblond <e...@regit.org>
---
src/parser_bison.y | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/parser_bison.y b/src/parser_bison.y
index b898e1c..85cf131 100644
--- a/src/parser_bison.y
+++ b/src/parser_bison.y
@@ -756,6 +756,8 @
Building with a recent clang was failing due to the following error:
src/evaluate.c|450 col 45| error: initializer element is not constant
||static const unsigned int max_tcpoptlen = 15 * 4 * BITS_PER_BYTE -
tcphdrlen;
|| ^~
Signed-off-by: Eric
/git/netfilter/libnftnl/src/set.c:179
Signed-off-by: Eric Leblond <e...@regit.org>
---
src/set.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/set.c b/src/set.c
index cce5e63..1158e38 100644
--- a/src/set.c
+++ b/src/set.c
@@ -48,6 +48,8 @@ void nftnl_set_free(const struct nftnl_
Hello,
On Wed, 2017-04-12 at 14:40 +0300, Kaarle Ritvanen wrote:
> On Tue, 7 Mar 2017, Eric Leblond wrote:
>
> > I really like the idea of getting an harmonized naming for the log
> > files but I think we should do it reverse for values that are not
> > commented in the
Hi,
On Mon, 2017-05-15 at 19:55 +0200, Pablo Neira Ayuso wrote:
> On Mon, May 15, 2017 at 07:49:18PM +0200, Eric Leblond wrote:
> > Hello,
> > Le 15 mai 2017 6:52 PM, Pablo Neira Ayuso <pa...@netfilter.org>
> > a
> > écrit :
> >
> > O
node.
Signed-off-by: Eric Leblond <e...@regit.org>
---
net/netfilter/nf_conntrack_netlink.c | 4
1 file changed, 4 insertions(+)
diff --git a/net/netfilter/nf_conntrack_netlink.c
b/net/netfilter/nf_conntrack_netlink.c
index dcf561b5c97a..1a127677ffe1 100644
--- a/net/net
This patch fixes the creation of connection tracking entry from
netlink when synproxy is used. It was missing the addition of
the synproxy extension.
This was causing kernel crashes when a conntrack entry created by
conntrackd was used after the switch of traffic from active node
to the passive
671:
> ```
> memcpy(pi->id, pi_id, sizeof(pi->id));
> ```
Thanks in advance,
--
Eric Leblond <e...@regit.org>
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
onfiguration.
Most users won't have changed the values that are uncommented. So they
will have on disk the log file with name defined in the configuration
file. And they will benefit from a new logrotate file. Thus we should
use the file name defined in the conf as value of the default file name
in code.
C
t; /var/log/ulogd.pcap {
> +/var/log/ulogd*.log {
> missingok
> sharedscripts
> postrotate
PS to Kaarle: resending because initial mail did not reach the ML.
BR,
--
Eric Leblond <e...@regit.org>
Blog: https://home.regit.org/
--
To unsubscribe from this list: send the
bin /usr/local/mysql/bin
> /opt/mysql/bin /opt/packages/mysql/bin
> do
> - if test -x $d/mysql_config
> + if test -x $d/mysql_config -a "$cross_compiling" = "no";
> then
> AC_MSG_RESULT(found mysql_config in $d)
> MYSQL_INC=`$d/mysql_config --in
gt; added comment:
>
> based on ulogd which was almost entirely written by Harald Welte,
> with contributions from fellow hackers such as Pablo Neira Ayuso,
> Eric Leblond and Pierre Chifflier.
>
> to each source file. Would you tell me other things to reuse ulogd?
>
92 matches
Mail list logo