Routing rules: Mask value for firewall mark
Joerg Pommnitz
pommnitz at yahoo.com
Fri Oct 29 10:00:14 EDT 2010
Thomas,
I read the new lib/route/rule.c. This left me wondering: How do I test for the
presence of an attribute? E.g. if this is a "from"-rule, neither mark nor mask
will be set, but rtnl_rule_get_mark and rtnl_rule_get_mask will happily return
a value without a way to report an error.
The right way would be to check for the presence of the attribute in the ce_mask
field, but the flag values (e.g. RULE_ATTR_*) are private in rule.c.
Can you clarify how the API is supposed to be used?
Thanks in advance
Joerg
----- Original Message ----
> From: Thomas Graf <tgraf at infradead.org>
> To: Joerg Pommnitz <pommnitz at yahoo.com>; libnl at lists.infradead.org
> Sent: Friday, October 29, 2010, 12:52:36
> Subject: Re: Routing rules: Mask value for firewall mark
>
> On Fri, Oct 29, 2010 at 05:51:10AM -0400, Thomas Graf wrote:
> > On Fri, Oct 29, 2010 at 12:58:56AM -0700, Joerg Pommnitz wrote:
> > > Just wait a bit! rtnl_rule_get_mark ??
> > >
> > > But this was already there:
> > > void rtnl_rule_set_mark (struct rtnl_rule *rule, uint64_t mark)
> > > uint64_t rtnl_rule_get_mark (struct rtnl_rule *rule)
> > >
> > > The problem was the missing *MASK* value.
> >
> > It must have been late :-) I see what happened. libnl still uses the
> > old RTA_* symbols while I changed the kernel fib rule code to use
> > FRA_* symbols. RTA_PROTOINFO became FRA_MARK and FRA_FWMASK was
> > added while RTA_MARK was added later on but serves a different purpose.
>
> Joerg,
>
> I went over the routing rules code. It now uses the new FRA_ definitions
> and will support all attributes. You will find rtnl_rule_set_mark() and
> rtnl_rule_set_mask() in the API.
>
> I haven't tested it much though besides running nl-rule-list.
>
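
The ambiguity raised in the message above, as an added example that is not part of the thread and is not libnl code: a getter with no error path returns the same value for an unset mark and for a mark explicitly set to 0, while a getter that consults the presence bits can tell them apart. All demo_* functions and DEMO_ATTR_* flags are hypothetical; only the ce_mask field name is taken from the message.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical presence flags standing in for the private RULE_ATTR_* values. */
#define DEMO_ATTR_MARK 0x1u
#define DEMO_ATTR_MASK 0x2u

/* Hypothetical rule object: ce_mask records which attributes were set. */
struct demo_rule { uint32_t ce_mask, mark, mask; };

void demo_rule_set_mark(struct demo_rule *r, uint32_t mark)
{
    r->mark = mark;
    r->ce_mask |= DEMO_ATTR_MARK;
}

void demo_rule_set_mask(struct demo_rule *r, uint32_t mask)
{
    r->mask = mask;
    r->ce_mask |= DEMO_ATTR_MASK;
}

/* Getter with no error path: an unset mark and an explicit 0 look identical. */
uint32_t demo_rule_get_mark_plain(const struct demo_rule *r)
{
    return r->mark;
}

/* Presence-aware getter: returns 0 and fills the outputs, or -ENOENT when no
 * mark is set. *has_mask tells the caller whether *mask is meaningful. */
int demo_rule_get_fwmark(const struct demo_rule *r, uint32_t *mark,
                         uint32_t *mask, int *has_mask)
{
    if (!(r->ce_mask & DEMO_ATTR_MARK))
        return -ENOENT;
    *mark = r->mark;
    *has_mask = (r->ce_mask & DEMO_ATTR_MASK) != 0;
    *mask = *has_mask ? r->mask : 0;
    return 0;
}

int main(void)
{
    struct demo_rule from_rule = {0}; /* constructed: "from" rule, no mark/mask */
    struct demo_rule zero_mark = {0}; /* constructed: mark explicitly set to 0 */
    uint32_t mark = 0, mask = 0;
    int has_mask = 0;

    demo_rule_set_mark(&zero_mark, 0);
    printf("plain getter: %u vs %u\n", (unsigned)demo_rule_get_mark_plain(&from_rule),
           (unsigned)demo_rule_get_mark_plain(&zero_mark));
    printf("checked getter: %d vs %d\n",
           demo_rule_get_fwmark(&from_rule, &mark, &mask, &has_mask),
           demo_rule_get_fwmark(&zero_mark, &mark, &mask, &has_mask));
    return 0;
}
```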