From 37ad1679aa18e4c3170d645f543fe4455bcdead5 Mon Sep 17 00:00:00 2001 From: gandalf Date: Wed, 26 May 2004 21:56:26 +0000 Subject: With a 64bit kernel only the high 32bits of nfmark was used regardless of 32/64bit userspace. This makes it quite hard to interoperate with 'tc'. Sync ipv6 versions with ipv4 versions. Tested on x86 and sparc64 with both 32bit and 64bit userspace. --- extensions/libip6t_MARK.c | 33 ++++++++++++++++++----- extensions/libip6t_mark.c | 46 ++++++++++++++++++++++++-------- extensions/libipt_MARK.c | 27 ++++++++++++++----- extensions/libipt_mark.c | 22 ++++++++++++++- include/linux/netfilter_ipv4/ipt_MARK.h | 12 +++++++++ include/linux/netfilter_ipv4/ipt_mark.h | 13 +++++++++ include/linux/netfilter_ipv6/ip6t_MARK.h | 12 +++++++++ include/linux/netfilter_ipv6/ip6t_mark.h | 13 +++++++++ 8 files changed, 154 insertions(+), 24 deletions(-) create mode 100644 include/linux/netfilter_ipv4/ipt_MARK.h create mode 100644 include/linux/netfilter_ipv4/ipt_mark.h create mode 100644 include/linux/netfilter_ipv6/ip6t_MARK.h create mode 100644 include/linux/netfilter_ipv6/ip6t_mark.h diff --git a/extensions/libip6t_MARK.c b/extensions/libip6t_MARK.c index 292f957..a7f1a9d 100644 --- a/extensions/libip6t_MARK.c +++ b/extensions/libip6t_MARK.c @@ -6,7 +6,8 @@ #include #include -#include +/* For 64bit kernel / 32bit userspace */ +#include "../include/linux/netfilter_ipv6/ip6t_MARK.h" /* Function which prints out usage message. */ static void @@ -41,10 +42,14 @@ parse(int c, char **argv, int invert, unsigned int *flags, = (struct ip6t_mark_target_info *)(*target)->data; switch (c) { - char *end; case '1': - markinfo->mark = strtoul(optarg, &end, 0); - if (*end != '\0' || end == optarg) +#ifdef KERNEL_64_USERSPACE_32 + if (string_to_number_ll(optarg, 0, 0, + &markinfo->mark)) +#else + if (string_to_number_l(optarg, 0, 0, + &markinfo->mark)) +#endif exit_error(PARAMETER_PROBLEM, "Bad MARK value `%s'", optarg); if (*flags) exit_error(PARAMETER_PROBLEM, @@ -67,6 +72,20 @@ final_check(unsigned int flags) "MARK target: Parameter --set-mark is required"); } +#ifdef KERNEL_64_USERSPACE_32 +static void +print_mark(unsigned long long mark) +{ + printf("0x%llx ", mark); +} +#else +static void +print_mark(unsigned long mark) +{ + printf("0x%lx ", mark); +} +#endif + /* Prints out the targinfo. */ static void print(const struct ip6t_ip6 *ip, @@ -76,7 +95,8 @@ print(const struct ip6t_ip6 *ip, const struct ip6t_mark_target_info *markinfo = (const struct ip6t_mark_target_info *)target->data; - printf("MARK set 0x%lx ", markinfo->mark); + printf("MARK set "); + print_mark(markinfo->mark); } /* Saves the union ipt_targinfo in parsable form to stdout. */ @@ -86,7 +106,8 @@ save(const struct ip6t_ip6 *ip, const struct ip6t_entry_target *target) const struct ip6t_mark_target_info *markinfo = (const struct ip6t_mark_target_info *)target->data; - printf("--set-mark 0x%lx ", markinfo->mark); + printf("--set-mark "); + print_mark(markinfo->mark); } static diff --git a/extensions/libip6t_mark.c b/extensions/libip6t_mark.c index 4aa606e..5f335eb 100644 --- a/extensions/libip6t_mark.c +++ b/extensions/libip6t_mark.c @@ -6,7 +6,8 @@ #include #include -#include +/* For 64bit kernel / 32bit userspace */ +#include "../include/linux/netfilter_ipv6/ip6t_mark.h" /* Function which prints out usage message. */ static void @@ -46,11 +47,19 @@ parse(int c, char **argv, int invert, unsigned int *flags, char *end; case '1': check_inverse(optarg, &invert, &optind, 0); +#ifdef KERNEL_64_USERSPACE_32 + markinfo->mark = strtoull(optarg, &end, 0); + if (*end == '/') { + markinfo->mask = strtoull(end+1, &end, 0); + } else + markinfo->mask = 0xffffffffffffffffULL; +#else markinfo->mark = strtoul(optarg, &end, 0); if (*end == '/') { markinfo->mask = strtoul(end+1, &end, 0); } else markinfo->mask = 0xffffffff; +#endif if (*end != '\0' || end == optarg) exit_error(PARAMETER_PROBLEM, "Bad MARK value `%s'", optarg); if (invert) @@ -64,17 +73,25 @@ parse(int c, char **argv, int invert, unsigned int *flags, return 1; } +#ifdef KERNEL_64_USERSPACE_32 static void -print_mark(unsigned long mark, unsigned long mask, int invert, int numeric) +print_mark(unsigned long long mark, unsigned long long mask, int numeric) +{ + if(mask != 0xffffffffffffffffULL) + printf("0x%llx/0x%llx ", mark, mask); + else + printf("0x%llx ", mark); +} +#else +static void +print_mark(unsigned long mark, unsigned long mask, int numeric) { - if (invert) - fputc('!', stdout); - if(mask != 0xffffffff) printf("0x%lx/0x%lx ", mark, mask); else printf("0x%lx ", mark); } +#endif /* Final check; must have specified --mark. */ static void @@ -91,20 +108,27 @@ print(const struct ip6t_ip6 *ip, const struct ip6t_entry_match *match, int numeric) { + struct ip6t_mark_info *info = (struct ip6t_mark_info *)match->data; + printf("MARK match "); - print_mark(((struct ip6t_mark_info *)match->data)->mark, - ((struct ip6t_mark_info *)match->data)->mask, - ((struct ip6t_mark_info *)match->data)->invert, numeric); + + if (info->invert) + printf("!"); + + print_mark(info->mark, info->mask, numeric); } /* Saves the union ip6t_matchinfo in parsable form to stdout. */ static void save(const struct ip6t_ip6 *ip, const struct ip6t_entry_match *match) { + struct ip6t_mark_info *info = (struct ip6t_mark_info *)match->data; + + if (info->invert) + printf("! "); + printf("--mark "); - print_mark(((struct ip6t_mark_info *)match->data)->mark, - ((struct ip6t_mark_info *)match->data)->mask, - ((struct ip6t_mark_info *)match->data)->invert, 0); + print_mark(info->mark, info->mask, 0); } static diff --git a/extensions/libipt_MARK.c b/extensions/libipt_MARK.c index 0a96e39..56b09f5 100644 --- a/extensions/libipt_MARK.c +++ b/extensions/libipt_MARK.c @@ -6,7 +6,8 @@ #include #include -#include +/* For 64bit kernel / 32bit userspace */ +#include "../include/linux/netfilter_ipv4/ipt_MARK.h" /* Function which prints out usage message. */ static void @@ -42,8 +43,13 @@ parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case '1': - if (string_to_number(optarg, 0, 0xffffffff, - (unsigned int *)&markinfo->mark)) +#ifdef KERNEL_64_USERSPACE_32 + if (string_to_number_ll(optarg, 0, 0, + &markinfo->mark)) +#else + if (string_to_number_l(optarg, 0, 0, + &markinfo->mark)) +#endif exit_error(PARAMETER_PROBLEM, "Bad MARK value `%s'", optarg); if (*flags) exit_error(PARAMETER_PROBLEM, @@ -66,11 +72,19 @@ final_check(unsigned int flags) "MARK target: Parameter --set-mark is required"); } +#ifdef KERNEL_64_USERSPACE_32 static void -print_mark(unsigned long mark, int numeric) +print_mark(unsigned long long mark) +{ + printf("0x%llx ", mark); +} +#else +static void +print_mark(unsigned long mark) { printf("0x%lx ", mark); } +#endif /* Prints out the targinfo. */ static void @@ -81,7 +95,7 @@ print(const struct ipt_ip *ip, const struct ipt_mark_target_info *markinfo = (const struct ipt_mark_target_info *)target->data; printf("MARK set "); - print_mark(markinfo->mark, numeric); + print_mark(markinfo->mark); } /* Saves the union ipt_targinfo in parsable form to stdout. */ @@ -91,7 +105,8 @@ save(const struct ipt_ip *ip, const struct ipt_entry_target *target) const struct ipt_mark_target_info *markinfo = (const struct ipt_mark_target_info *)target->data; - printf("--set-mark 0x%lx ", markinfo->mark); + printf("--set-mark "); + print_mark(markinfo->mark); } static diff --git a/extensions/libipt_mark.c b/extensions/libipt_mark.c index 4aa780b..14e179a 100644 --- a/extensions/libipt_mark.c +++ b/extensions/libipt_mark.c @@ -6,7 +6,8 @@ #include #include -#include +/* For 64bit kernel / 32bit userspace */ +#include "../include/linux/netfilter_ipv4/ipt_mark.h" /* Function which prints out usage message. */ static void @@ -46,11 +47,19 @@ parse(int c, char **argv, int invert, unsigned int *flags, char *end; case '1': check_inverse(optarg, &invert, &optind, 0); +#ifdef KERNEL_64_USERSPACE_32 + markinfo->mark = strtoull(optarg, &end, 0); + if (*end == '/') { + markinfo->mask = strtoull(end+1, &end, 0); + } else + markinfo->mask = 0xffffffffffffffffULL; +#else markinfo->mark = strtoul(optarg, &end, 0); if (*end == '/') { markinfo->mask = strtoul(end+1, &end, 0); } else markinfo->mask = 0xffffffff; +#endif if (*end != '\0' || end == optarg) exit_error(PARAMETER_PROBLEM, "Bad MARK value `%s'", optarg); if (invert) @@ -64,6 +73,16 @@ parse(int c, char **argv, int invert, unsigned int *flags, return 1; } +#ifdef KERNEL_64_USERSPACE_32 +static void +print_mark(unsigned long long mark, unsigned long long mask, int numeric) +{ + if(mask != 0xffffffffffffffffULL) + printf("0x%llx/0x%llx ", mark, mask); + else + printf("0x%llx ", mark); +} +#else static void print_mark(unsigned long mark, unsigned long mask, int numeric) { @@ -72,6 +91,7 @@ print_mark(unsigned long mark, unsigned long mask, int numeric) else printf("0x%lx ", mark); } +#endif /* Final check; must have specified --mark. */ static void diff --git a/include/linux/netfilter_ipv4/ipt_MARK.h b/include/linux/netfilter_ipv4/ipt_MARK.h new file mode 100644 index 0000000..6febfe6 --- /dev/null +++ b/include/linux/netfilter_ipv4/ipt_MARK.h @@ -0,0 +1,12 @@ +#ifndef _IPT_MARK_H_target +#define _IPT_MARK_H_target + +struct ipt_mark_target_info { +#ifdef KERNEL_64_USERSPACE_32 + unsigned long long mark; +#else + unsigned long mark; +#endif +}; + +#endif /*_IPT_MARK_H_target*/ diff --git a/include/linux/netfilter_ipv4/ipt_mark.h b/include/linux/netfilter_ipv4/ipt_mark.h new file mode 100644 index 0000000..b9e79fd --- /dev/null +++ b/include/linux/netfilter_ipv4/ipt_mark.h @@ -0,0 +1,13 @@ +#ifndef _IPT_MARK_H +#define _IPT_MARK_H + +struct ipt_mark_info { +#ifdef KERNEL_64_USERSPACE_32 + unsigned long long mark, mask; +#else + unsigned long mark, mask; +#endif + u_int8_t invert; +}; + +#endif /*_IPT_MARK_H*/ diff --git a/include/linux/netfilter_ipv6/ip6t_MARK.h b/include/linux/netfilter_ipv6/ip6t_MARK.h new file mode 100644 index 0000000..06949b8 --- /dev/null +++ b/include/linux/netfilter_ipv6/ip6t_MARK.h @@ -0,0 +1,12 @@ +#ifndef _IP6T_MARK_H_target +#define _IP6T_MARK_H_target + +struct ip6t_mark_target_info { +#ifdef KERNEL_64_USERSPACE_32 + unsigned long long mark; +#else + unsigned long mark; +#endif +}; + +#endif /*_IPT_MARK_H_target*/ diff --git a/include/linux/netfilter_ipv6/ip6t_mark.h b/include/linux/netfilter_ipv6/ip6t_mark.h new file mode 100644 index 0000000..7ede185 --- /dev/null +++ b/include/linux/netfilter_ipv6/ip6t_mark.h @@ -0,0 +1,13 @@ +#ifndef _IP6T_MARK_H +#define _IP6T_MARK_H + +struct ip6t_mark_info { +#ifdef KERNEL_64_USERSPACE_32 + unsigned long long mark, mask; +#else + unsigned long mark, mask; +#endif + u_int8_t invert; +}; + +#endif /*_IPT_MARK_H*/ -- cgit v1.2.3