Re: iptables and combining additional rule sources

2020-04-25 Thread Jeffrey Walton 
On Sat, Apr 25, 2020 at 12:53 PM Valdis Klētnieks
 wrote:
>
> On Sat, 25 Apr 2020 02:55:08 -0400, Jeffrey Walton said:
>
> > One last question... Should I create my own target - say mediawiki -
> > and append my rules to it? That may simplify things:
> >
> > * Header, newstuff and trailer is fixed
> > * newstuff just jumps to mediawiki target
> > * if mediawiki does not ban, then control returns to trailer
> >
> > Then, my out-of-proc service just keeps adding to mediawiki target. I
> > don't need to write files in this case. I'll just keep adding to the
> > running config.
>
> That totally fails if your machine reboots, because there's no memory of
> what the rules were before the reboot.

Yeah, I'm OK with that. Dropping the database means the code
simplifies _a lot_. I can remove the administrivia, connection
information and all the code for inserts and deletes.

Looking at the logs, these folks are aggressive. It looks like (to me)
the wiki installation will see most spammers in the first 5 or 10
minutes of starting up. After initial startup the system reaches
stability rather quickly.

I think it is a good tradeoff.

Jeff

___
Kernelnewbies mailing list
Kernelnewbies@kernelnewbies.org
https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies

Re: iptables and combining additional rule sources

2020-04-25 Thread Valdis Klētnieks 
On Sat, 25 Apr 2020 02:55:08 -0400, Jeffrey Walton said:

> One last question... Should I create my own target - say mediawiki -
> and append my rules to it? That may simplify things:
>
> * Header, newstuff and trailer is fixed
> * newstuff just jumps to mediawiki target
> * if mediawiki does not ban, then control returns to trailer
>
> Then, my out-of-proc service just keeps adding to mediawiki target. I
> don't need to write files in this case. I'll just keep adding to the
> running config.

That totally fails if your machine reboots, because there's no memory of
what the rules were before the reboot.



pgpW3sHD5NS9d.pgp
Description: PGP signature
___
Kernelnewbies mailing list
Kernelnewbies@kernelnewbies.org
https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies

Re: USB driver

2020-04-25 Thread Greg KH 


A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
A: Top-posting.
Q: What is the most annoying thing in e-mail?

http://daringfireball.net/2007/07/on_top

On Sat, Apr 25, 2020 at 09:45:44AM +0200, Sohaib Mhmd wrote:
> Sorry, do you mean vendor & product id
> ?

I have no idea, what ever vendor/device id that you put in your driver,
it needs to not have a driver attached to it for your driver to be able
to be called.

> Do you mean to unload/unbind for any particular one?

Again, the driver that is attached to the device your want your driver
to bind to is what you need to watch for.

good luck!

greg k-h

___
Kernelnewbies mailing list
Kernelnewbies@kernelnewbies.org
https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies

Re: USB driver

2020-04-25 Thread Sohaib Mhmd 
Sorry, do you mean vendor & product id
?
Do you mean to unload/unbind for any particular one?

[root@hp kernel_mod]# lsusb
Bus 003 Device 023: ID 045e:0800 Microsoft Corp. Microsoft® Nano
Transceiver v2.0

[root@hp kernel_mod]# lsusb -t
/:  Bus 03.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/14p, 480M
|__ Port 3: Dev 23, If 0, Class=Human Interface Device, Driver=usbhid,
12M
|__ Port 3: Dev 23, If 1, Class=Human Interface Device, Driver=usbhid,
12M
|__ Port 3: Dev 23, If 2, Class=Human Interface Device, Driver=usbhid,
12M

On Sat, Apr 25, 2020 at 9:01 AM Greg KH  wrote:

> On Sat, Apr 25, 2020 at 07:44:12AM +0200, Sohaib Mhmd wrote:
> > Hi everyone, I made a very simple USB driver
> > ,
> > but the problem is that the probe and disconnect functions never was
> called.
>
> What USB device is currently attached to the ids that your driver wants
> to bind to?  Unload/unbind that and then your driver should work.
>
> greg k-h
>
___
Kernelnewbies mailing list
Kernelnewbies@kernelnewbies.org
https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies

Re: passing __user function parameter from kernel_module result in EFAULT

2020-04-25 Thread Greg KH 
On Tue, Apr 21, 2020 at 09:14:00PM +0300, Lev R. Oshvang . wrote:
> Hi all, I am trying to do a mount from kernel module in kernel 5.4 on x86_64.
> It fails with -14,  I tried to set_fs(USER_DS) before calling do_mount
> but it did not
>  help.
> 
> 
> do_mount() returns -EFAUTL when it checks filename validity just at
> the very first lines of do_mount ().
> 
> Are there other tricks to do in order to overcome and access_ok checks?

No "trick" is needed, just properly convert the data to a kernel pointer
and you should be fine.  Never touch the data pointed to by a userspace
pointer.

greg k-h

___
Kernelnewbies mailing list
Kernelnewbies@kernelnewbies.org
https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies

Re: iptables and combining additional rule sources

2020-04-25 Thread Jeffrey Walton 
On Fri, Apr 24, 2020 at 11:32 PM Keh-Ming Luoh  wrote:
>
> Assuming these IP address are treated the same way in your iptables rule, 
> ipset may help to make it simpler.

Thanks Keh-Ming.

Yeah, I was looking for that earlier.

Jeff

___
Kernelnewbies mailing list
Kernelnewbies@kernelnewbies.org
https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies

Re: USB driver

2020-04-25 Thread Greg KH 
On Sat, Apr 25, 2020 at 07:44:12AM +0200, Sohaib Mhmd wrote:
> Hi everyone, I made a very simple USB driver
> ,
> but the problem is that the probe and disconnect functions never was called.

What USB device is currently attached to the ids that your driver wants
to bind to?  Unload/unbind that and then your driver should work.

greg k-h

___
Kernelnewbies mailing list
Kernelnewbies@kernelnewbies.org
https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies