Re: What happened to xt_match_param

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 
AFT <aftnix@xxxxxxxxx> writes:

> Hi,
>
> In "writing netfilter module", by JAN, there is a inconsistancy in
> section 2.5 named "Point of decision".
>
> Here a match function is prototyped as ,
>
> struct bool ipaddr_mt(const struct sk_buff *skb,
>                       struct xt_match_param *par);
>                       
> Now there is no xt_match_param in netfilter.h. The closest thing is
> 'struct xt_mtchk_param'. which is defined as,
>
> struct xt_mtchk_param {
> 	struct net *net;
> 	const char *table;
> 	const void *entryinfo;
> 	const struct xt_match *match;
> 	void *matchinfo;
> 	unsigned int hook_mask;
> 	u_int8_t family;
> };
>
> So at first i thought i can just replace it with xt_mtchk_param. But the
> problem is the text reads following lines which can not be right if i
> replace xt_match_param with xt_mtchk_param.
>
> par->in and par->out supposed to point to IN or OUT network devices. but
> as you can see there is no such fields in xt_mtchk_param.
>
> These struct net_device *in,out fields are inside struct
> xt_action_param.
>
> struct xt_action_param{
>        ...........
>        struct net_device *in,*out;
>        ...........
> }
>
> After subsequent reading i understood, it should be struct
> xt_action_param in the match function's prototype. so the correct
> prototype should be,
>
> static bool ipaddr_mt(const struct sk_buff *skb,
>                       struct xt_action_param *par);
>
> So it should be updated so that noobs like me does not get confused.
>
> cheers
> aft

another thing I forgot to mention, why there is a separate structure
struct xt_action_param and struct xt_mtchk_param? where most of the
fields appear to be identical?

struct xt_mtchk_param {
	struct net *net;
	const char *table;
	const void *entryinfo;
	const struct xt_match *match;
	void *matchinfo;
	unsigned int hook_mask;
	u_int8_t family;
};

and 

struct xt_action_param {
	union {
		const struct xt_match *match;
		const struct xt_target *target;
	};
	union {
		const void *matchinfo, *targinfo;
	};
	const struct net_device *in, *out;
	int fragoff;
	unsigned int thoff;
	unsigned int hooknum;
	u_int8_t family;
	bool hotdrop;
};

Although in comments, its mentioned that struct xt_action_param is for
match/target extensions where as struct xt_mtchk_param is for checkentry
functions. these explanations seems superficial to me, so there should
be better explanation. (one thing comes to my mind, that xt_action_param
contains a union for xt_match/xt_target. so checking entry it will not
be usable when this is initialized with xt_target rather than
xt_match. But this explanation also seems a mere technicality, which can
easily be overcome),

cheers
aft
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]     [Photo]

Powered by Linux