lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20160623174223.GA3648@salvia>
Date:	Thu, 23 Jun 2016 19:42:23 +0200
From:	Pablo Neira Ayuso <pablo@...filter.org>
To:	Vishwanath Pai <vpai@...mai.com>
Cc:	kaber@...sh.net, kadlec@...ckhole.kfki.hu, johunt@...mai.com,
	davem@...emloft.net, netfilter-devel@...r.kernel.org,
	coreteam@...filter.org, linux-kernel@...r.kernel.org,
	netdev@...r.kernel.org, pai.vishwain@...il.com,
	ilubashe@...mai.com, jdollard@...mai.com
Subject: Re: [PATCH v2 2/2] netfilter/nflog: nflog-range does not truncate
 packets (userspace)

On Tue, Jun 21, 2016 at 03:02:16PM -0400, Vishwanath Pai wrote:
> netfilter/nflog: nflog-range does not truncate packets
> 
> The option --nflog-range has never worked, but we cannot just fix this
> because users might be using this feature option and their behavior would
> change. Instead add a new option --nflog-size. This option works the same
> way nflog-range should have, and both of them are mutually exclusive. When
> someone uses --nflog-range we print a warning message informing them that
> this feature has no effect.
> 
> To indicate the kernel that the user has set --nflog-size we have to pass a
> new flag XT_NFLOG_F_COPY_LEN.
> 
> Also updated the man page to reflect this.

Please, send me a v3 including tests, see:

        iptables/extensions/libxt_NFLOG.t

Thanks.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ