| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 23 Jun 2016 19:42:23 +0200
From: Pablo Neira Ayuso <pablo@...filter.org>
To: Vishwanath Pai <vpai@...mai.com>
Cc: kaber@...sh.net, kadlec@...ckhole.kfki.hu, johunt@...mai.com,
davem@...emloft.net, netfilter-devel@...r.kernel.org,
coreteam@...filter.org, linux-kernel@...r.kernel.org,
netdev@...r.kernel.org, pai.vishwain@...il.com,
ilubashe@...mai.com, jdollard@...mai.com
Subject: Re: [PATCH v2 2/2] netfilter/nflog: nflog-range does not truncate
packets (userspace)
On Tue, Jun 21, 2016 at 03:02:16PM -0400, Vishwanath Pai wrote:
> netfilter/nflog: nflog-range does not truncate packets
>
> The option --nflog-range has never worked, but we cannot just fix this
> because users might be using this feature option and their behavior would
> change. Instead add a new option --nflog-size. This option works the same
> way nflog-range should have, and both of them are mutually exclusive. When
> someone uses --nflog-range we print a warning message informing them that
> this feature has no effect.
>
> To indicate the kernel that the user has set --nflog-size we have to pass a
> new flag XT_NFLOG_F_COPY_LEN.
>
> Also updated the man page to reflect this.
Please, send me a v3 including tests, see:
iptables/extensions/libxt_NFLOG.t
Thanks.
Powered by blists - more mailing lists