From patchwork Thu Jun 2 00:23:54 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Vishwanath Pai X-Patchwork-Id: 628915 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 3rKnyl1Chvz9t5s for ; Thu, 2 Jun 2016 10:23:59 +1000 (AEST) Authentication-Results: ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=akamai.com header.i=@akamai.com header.b=Uz8gXK1d; dkim-atps=neutral Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751394AbcFBAX4 (ORCPT ); Wed, 1 Jun 2016 20:23:56 -0400 Received: from prod-mail-xrelay05.akamai.com ([23.79.238.179]:37596 "EHLO prod-mail-xrelay05.akamai.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750960AbcFBAXz (ORCPT ); Wed, 1 Jun 2016 20:23:55 -0400 Received: from prod-mail-xrelay05.akamai.com (localhost.localdomain [127.0.0.1]) by postfix.imss70 (Postfix) with ESMTP id 3E44A3F40DD; Thu, 2 Jun 2016 00:23:54 +0000 (GMT) Received: from prod-mail-relay11.akamai.com (prod-mail-relay11.akamai.com [172.27.118.250]) by prod-mail-xrelay05.akamai.com (Postfix) with ESMTP id 1BC8D3F413B; Thu, 2 Jun 2016 00:23:54 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=akamai.com; s=a1; t=1464827034; bh=Lcf+KkY/h/rSpvZaSax3uK4+HAXxXN2FolheYMRWp4s=; l=1177; h=Date:From:To:Cc:From; b=Uz8gXK1daqUmQFb5kzdQAaFhp/rmd9XwQGtLIp0TusbcSh3VAjtiei9s/YquqtvQ0 idC/g+Job9Q+za22ERT1qDdRbb0347dlpaeMAj92u8iDni1Pf/LcKQW5EgQi1gFXZJ sIKHaq13TsPWQ0xSxW4OGtBNOawdK+Fz4qV7vHYA= Received: from bos-lpqrs.kendall.corp.akamai.com (bos-lpqrs.kendall.corp.akamai.com [172.28.13.81]) by prod-mail-relay11.akamai.com (Postfix) with ESMTP id 16CA91FC8E; Thu, 2 Jun 2016 00:23:54 +0000 (GMT) Received: from vpai by bos-lpqrs.kendall.corp.akamai.com with local (Exim 4.82) (envelope-from ) id 1b8GQU-00010w-1F; Wed, 01 Jun 2016 20:23:54 -0400 Date: Wed, 1 Jun 2016 20:23:54 -0400 From: Vishwanath Pai To: pablo@netfilter.org, kaber@trash.net, kadlec@blackhole.kfki.hu, netfilter-devel@vger.kernel.org Cc: coreteam@netfilter.org, johunt@akamai.com, netdev@vger.kernel.org, pai.vishwain@gmail.com Subject: [PATCH] netfilter/nflog: nflog-range does not truncate packets Message-ID: <20160602002354.GG1644@akamai.com> MIME-Version: 1.0 Content-Disposition: inline User-Agent: Mutt/1.5.21 (2010-09-15) Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org netfilter/nflog: nflog-range does not truncate packets The --nflog-range parameter from userspace is ignored in the kernel and the entire packet is sent to the userspace. The per-instance parameter copy_range still works, with this change --nflog-range will have preference over copy_range. Signed-off-by: Vishwanath Pai Reviewed-by: Joshua Hunt diff --git a/net/netfilter/nfnetlink_log.c b/net/netfilter/nfnetlink_log.c index 4ef1fae..f40ddba 100644 --- a/net/netfilter/nfnetlink_log.c +++ b/net/netfilter/nfnetlink_log.c @@ -680,7 +680,6 @@ nfulnl_log_packet(struct net *net, if (qthreshold > li->u.ulog.qthreshold) qthreshold = li->u.ulog.qthreshold; - switch (inst->copy_mode) { case NFULNL_COPY_META: case NFULNL_COPY_NONE: @@ -688,10 +687,12 @@ nfulnl_log_packet(struct net *net, break; case NFULNL_COPY_PACKET: - if (inst->copy_range > skb->len) + data_len = inst->copy_range; + if (li->u.ulog.copy_len < data_len) + data_len = li->u.ulog.copy_len; + + if (data_len > skb->len) data_len = skb->len; - else - data_len = inst->copy_range; size += nla_total_size(data_len); break;