[PATCH] netfilter: mark expected switch fall-throughs

2017-10-19 Thread Gustavo A. R. Silva
In preparation to enabling -Wimplicit-fallthrough, mark switch cases where we are expecting to fall through. Notice that in some cases I placed the "fall through" comment on its own line, which is what GCC is expecting to find. Signed-off-by: Gustavo A. R. Silva --- This code was tested by compi

Re: [PATCH] tests: xlate: print total no. of testfiles, tests and tests passed

2017-10-19 Thread Harsha Sharma
On Thu, Oct 19, 2017 at 4:05 PM, Pablo Neira Ayuso wrote: > On Wed, Oct 18, 2017 at 07:59:44PM +0530, Harsha Sharma wrote: >> Print errors and total no of tests and tests passed for testfile argument. >> Print total no. of testfiles, total no. of tests and total no. of tests >> passed for "all" ar

[PATCH] tests: xlate: Change testfile to take "extensions/test_file" as argument

2017-10-19 Thread Harsha Sharma
When executing xlate-test.py with specified test file, give "extensions/test_file.txlate" as argument Signed-off-by: Harsha Sharma --- xlate-test.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/xlate-test.py b/xlate-test.py index 43c4be19..860d94d0 100755 --- a/xlate-test.

[PATCH v2] tests: xlate: print total no. of testfiles, tests and tests passed

2017-10-19 Thread Harsha Sharma
Print errors and total no of tests and tests passed for testfile argument. Print total no. of testfiles, total no. of tests and total no. of tests passed for "all" argument. For e.g. : sudo ./xlate-test.py --all (adds this line in end with whole output) 64 test file, 246 tests, 242 tests passed su

Re: nftables and iptables nat coexistence

2017-10-19 Thread Pablo Neira Ayuso
On Thu, Oct 19, 2017 at 01:18:12PM +0200, Florian Westphal wrote: > Registering implicit nat hook, making iptables_nat and nftables nat > at the same time impossible (reject from kernel) etc. is more > convenient as we cannot break existing setups and only prevent > configuring a non-working/broken

Re: nftables and iptables nat coexistence

2017-10-19 Thread Florian Westphal
Pablo Neira Ayuso wrote: > Hi Florian, > > On Wed, Oct 18, 2017 at 03:56:50PM +0200, Florian Westphal wrote: > > Hi. > > > > Couple of months ago I sent 2 RFC patches to allow using nftables and > > iptables NAT at same time. > > Hm, I think we forgot to talk about this during the NFWS. Yes. W

Re: [PATCH] tests: xlate: print total no. of testfiles, tests and tests passed

2017-10-19 Thread Pablo Neira Ayuso
On Wed, Oct 18, 2017 at 07:59:44PM +0530, Harsha Sharma wrote: > Print errors and total no of tests and tests passed for testfile argument. > Print total no. of testfiles, total no. of tests and total no. of tests > passed for "all" argument. BTW, could you also to the commit description an exampl

Re: [PATCH] tests: xlate: print total no. of testfiles, tests and tests passed

2017-10-19 Thread Pablo Neira Ayuso
On Wed, Oct 18, 2017 at 07:59:44PM +0530, Harsha Sharma wrote: > Print errors and total no of tests and tests passed for testfile argument. > Print total no. of testfiles, total no. of tests and total no. of tests > passed for "all" argument. > Change testfile argument to take "extensions/test_file

Re: nftables and iptables nat coexistence

2017-10-19 Thread Pablo Neira Ayuso
On Thu, Oct 19, 2017 at 12:15:29PM +0200, Pablo Neira Ayuso wrote: > On Wed, Oct 18, 2017 at 03:56:50PM +0200, Florian Westphal wrote: > > 3. Do not permit more than one nat type per family/hook. > > Yes, this makes sense to me. You could add a singleton flag for chain, so we check this from the

Re: nftables and iptables nat coexistence

2017-10-19 Thread Pablo Neira Ayuso
Hi Florian, On Wed, Oct 18, 2017 at 03:56:50PM +0200, Florian Westphal wrote: > Hi. > > Couple of months ago I sent 2 RFC patches to allow using nftables and > iptables NAT at same time. Hm, I think we forgot to talk about this during the NFWS. > If this is unwanted (there was concern wrt. to th

Re: [PATCH nft] rule: fix netlink debug flag when listing table/rules

2017-10-19 Thread Pablo Neira Ayuso
On Thu, Oct 19, 2017 at 01:06:07AM +0200, Florian Westphal wrote: > nft --debug=netlink list table ... > has no effect anymore. > > Callers pass in debug_mask & DEBUG_NETLINK, which gets converted > to 0/1 because the arg is a boolean. > > Later on this bool is converted back to an integer, but t

[nft PATCH 5/7] libnftables: Introduce nft_ctx_set_dry_run()

2017-10-19 Thread Phil Sutter
Provide a convenient interface to configure dry run mode. Signed-off-by: Phil Sutter --- include/nftables/nftables.h | 3 +++ src/libnftables.c | 5 + src/main.c | 2 +- 3 files changed, 9 insertions(+), 1 deletion(-) diff --git a/include/nftables/nftables.h b/inc

[nft PATCH 2/7] libnftables: Move library stuff out of main.c

2017-10-19 Thread Phil Sutter
Signed-off-by: Phil Sutter --- include/Makefile.am | 3 +- include/nftables.h | 65 +-- include/nftables/Makefile.am | 1 + include/nftables/nftables.h | 88 +++ src/Makefile.am | 3 +- src/libnftables.c| 261 +++

[nft PATCH 6/7] libnftables: Provide an API for include path handling

2017-10-19 Thread Phil Sutter
In order to keep the API simple, remove INCLUDE_PATHS_MAX restraint and dynamically allocate nft_ctx field include_paths instead. Signed-off-by: Phil Sutter --- include/nftables/nftables.h | 6 +++--- src/libnftables.c | 34 -- src/main.c

[nft PATCH 3/7] libnftables: Introduce nft_ctx_flush_cache()

2017-10-19 Thread Phil Sutter
This allows an application to explicitly flush caches associated with a given nft context. Note that this is a bit inconsistent in that it releases the global interface cache, but nft_ctx_free() does the same so at least it's not a regression. Signed-off-by: Phil Sutter --- include/nftables/nft

[nft PATCH 0/7] libnftables preparations

2017-10-19 Thread Phil Sutter
The following series prepares libnftables library split-off by moving API functions into src/libnftables.c, introducing include/nftables/nftables.h and enhancing the code by a number of getters and setters for applications to change configurable parts of struct nft_ctx without knowledge of that st

[nft PATCH 1/7] nft_ctx_free: Fix for wrong argument passed to cache_release

2017-10-19 Thread Phil Sutter
nft_ctx_free() should not refer to the global 'nft' variable, this will break as soon as the function is moved away from main.c. In order to use the cache reference from passed argument, the latter must not be const. Signed-off-by: Phil Sutter --- src/main.c | 4 ++-- 1 file changed, 2 insertion

[nft PATCH 7/7] libnftables: Add remaining getters and setters

2017-10-19 Thread Phil Sutter
Provide API functions for remaining context settings changed by main.c, then hide struct nft_ctx definition from applications. This allows us to later change data structures internally without risk of breaking applications. Signed-off-by: Phil Sutter --- include/nftables.h | 27

[nft PATCH 4/7] cli: Use nft_run_cmd_from_buffer()

2017-10-19 Thread Phil Sutter
This simplifies CLI code and allows to reduce libnftables API by not exporting nft_run(). Since nft_run_cmd_from_buffer() takes care of scanner initialization and libmnl socket passed to cli_init() is present as nft_ctx field as well, signature of cli_init() can be reduced to just take nft_ctx poi