Re: [PATCH 6/8] netfilter: fix string extension for case insensitive pattern matching

From: Joonwoo Park <hidden>
Date: 2008-06-30 18:44:59
Also in: netfilter-devel

2008/6/29 Jan Engelhardt [off-list ref]:

On Saturday 2008-06-21 09:54, Joonwoo Park wrote:

quoted

icase of xt_string_info indicates case [in]sensitive matching.
netfilter can find cmd.exe, Cmd.exe, cMd.exe and etc easily.

Signed-off-by: Joonwoo Park <redacted>
---
include/linux/netfilter/xt_string.h |    1 +
net/netfilter/xt_string.c           |    2 +-
2 files changed, 2 insertions(+), 1 deletions(-)

diff --git a/include/linux/netfilter/xt_string.h b/include/linux/netfilter/xt_string.h
index bb21dd1..dfd347f 100644
--- a/include/linux/netfilter/xt_string.h
+++ b/include/linux/netfilter/xt_string.h

@@ -12,6 +12,7 @@ struct xt_string_info
      char      pattern[XT_STRING_MAX_PATTERN_SIZE];
      u_int8_t  patlen;
      u_int8_t  invert;
+      u_int8_t  icase;

      /* Used internally by the kernel */
      struct ts_config __attribute__((aligned(8))) *config;

Why not just doing it this way?


enum {
       XT_STRING_INVERT = 1 << 0,
       XT_STRING_ICASE  = 1 << 1,
};

struct xt_string_info {
       ...
       union {
               uint8_t invert;
               uint8_t flags;
       };
       ...
};

Not bad for me,
I think invert might be removed and flags can contain XT_STRING_INVERT as well.
But I guess we should do version checking between user-space and
kernel more strictly whatever.

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help