On Sat, 2007-02-24 at 17:40 +0100, Patrick McHardy wrote:
> Peter Zijlstra wrote:
> > On Sat, 2007-02-24 at 17:17 +0100, Patrick McHardy wrote:
> >
> >
> >>I don't really see why
> >>queueing is special though, dropping the packets in the ruleset
> >>will break things just as well, as will
Peter Zijlstra wrote:
> On Sat, 2007-02-24 at 17:17 +0100, Patrick McHardy wrote:
>
>
>>I don't really see why
>>queueing is special though, dropping the packets in the ruleset
>>will break things just as well, as will routing them to a blackhole.
>>I guess the user just needs to be smart enough
On Sat, 2007-02-24 at 17:17 +0100, Patrick McHardy wrote:
> I don't really see why
> queueing is special though, dropping the packets in the ruleset
> will break things just as well, as will routing them to a blackhole.
> I guess the user just needs to be smart enough not to do this.
Its
Peter Zijlstra wrote:
> On Sat, 2007-02-24 at 16:27 +0100, Patrick McHardy wrote:
>
>>> } else if ((verdict & NF_VERDICT_MASK) == NF_QUEUE) {
>>>+if (unlikely((*pskb)->emergency)) {
>>>+printk(KERN_ERR "nf_hook: NF_QUEUE encountered for "
>>>+
On Sat, 2007-02-24 at 16:27 +0100, Patrick McHardy wrote:
> Peter Zijlstra wrote:
> > Emergency skbs should never touch user-space, however NF_QUEUE is fully user
> > configurable. Notify the user of his mistake and try to continue.
> >
> > --- linux-2.6-git.orig/net/netfilter/core.c 2007-02-14
Peter Zijlstra wrote:
> Emergency skbs should never touch user-space, however NF_QUEUE is fully user
> configurable. Notify the user of his mistake and try to continue.
>
> --- linux-2.6-git.orig/net/netfilter/core.c 2007-02-14 12:09:07.0
> +0100
> +++ linux-2.6-git/net/netfilter/core.c
Peter Zijlstra wrote:
Emergency skbs should never touch user-space, however NF_QUEUE is fully user
configurable. Notify the user of his mistake and try to continue.
--- linux-2.6-git.orig/net/netfilter/core.c 2007-02-14 12:09:07.0
+0100
+++ linux-2.6-git/net/netfilter/core.c
On Sat, 2007-02-24 at 16:27 +0100, Patrick McHardy wrote:
Peter Zijlstra wrote:
Emergency skbs should never touch user-space, however NF_QUEUE is fully user
configurable. Notify the user of his mistake and try to continue.
--- linux-2.6-git.orig/net/netfilter/core.c 2007-02-14
Peter Zijlstra wrote:
On Sat, 2007-02-24 at 16:27 +0100, Patrick McHardy wrote:
} else if ((verdict NF_VERDICT_MASK) == NF_QUEUE) {
+if (unlikely((*pskb)-emergency)) {
+printk(KERN_ERR nf_hook: NF_QUEUE encountered for
+
On Sat, 2007-02-24 at 17:17 +0100, Patrick McHardy wrote:
I don't really see why
queueing is special though, dropping the packets in the ruleset
will break things just as well, as will routing them to a blackhole.
I guess the user just needs to be smart enough not to do this.
Its user-space
Peter Zijlstra wrote:
On Sat, 2007-02-24 at 17:17 +0100, Patrick McHardy wrote:
I don't really see why
queueing is special though, dropping the packets in the ruleset
will break things just as well, as will routing them to a blackhole.
I guess the user just needs to be smart enough not to do
On Sat, 2007-02-24 at 17:40 +0100, Patrick McHardy wrote:
Peter Zijlstra wrote:
On Sat, 2007-02-24 at 17:17 +0100, Patrick McHardy wrote:
I don't really see why
queueing is special though, dropping the packets in the ruleset
will break things just as well, as will routing them to a
Emergency skbs should never touch user-space, however NF_QUEUE is fully user
configurable. Notify the user of his mistake and try to continue.
Signed-off-by: Peter Zijlstra <[EMAIL PROTECTED]>
---
net/netfilter/core.c |5 +
1 file changed, 5 insertions(+)
Index:
Emergency skbs should never touch user-space, however NF_QUEUE is fully user
configurable. Notify the user of his mistake and try to continue.
Signed-off-by: Peter Zijlstra [EMAIL PROTECTED]
---
net/netfilter/core.c |5 +
1 file changed, 5 insertions(+)
Index:
14 matches
Mail list logo