Mr. Josefsson,
IIRC, the `struct ipt_entry' uses a zeroed char *, like this:
char elems[0];
AFAIK, this is used to stack the match and target structs inside a rule
entry. Have you tried this, sir?
Brad
Martin Josefsson wrote:
> On Sat, 28 Jul 2001, Harald Welte wrote:
>
>> On Sat, Jul 28, 2001 at 06:41:15PM +0200, Martin Josefsson wrote:
>>
>>> Core-team, please apply these patches.
>>
>> now applied.
>
>
> Thanks.
>
> I think I'll take a little look at how to support multiple ranges
> tomorrow. The main problem I noticed today when rewriting parts of my
> target is this:
>
> struct ipt_same_info
> {
> unsigned char info;
>
> unsigned int rangesize;
>
> /* hangs off end. */
> struct ip_nat_range range[1];
> };
>
> range has a static size... I don't even want to try to imagine how to
> solve it with a dynamic size...
>
> My thought was to define the maximum number of ranges in ipt_SAME.h like
> this:
>
> #define IPT_SAME_MAX_RANGES 10
>
> struct ipt_same_info
> {
> unsigned char info;
>
> unsigned int rangesize;
>
> /* hangs off end. */
> struct ip_nat_range range[IPT_SAME_MAX_RANGES];
> };
>
> And then use IPT_SAME_MAX_RANGES when cheking rangesize for sanity and so
> on. Does this sound like a good idea? Need some input on this before I
> start digging that hole...
>
> /Martin
>
> PS. If I succeed I'll implement it in BALANCE too as it's very similar to
> SAME (SAME is a modified BALANCE)
>
>
>
>
>
IIRC, the `struct ipt_entry' uses a zeroed char *, like this:
char elems[0];
AFAIK, this is used to stack the match and target structs inside a rule
entry. Have you tried this, sir?
Brad
Martin Josefsson wrote:
> On Sat, 28 Jul 2001, Harald Welte wrote:
>
>> On Sat, Jul 28, 2001 at 06:41:15PM +0200, Martin Josefsson wrote:
>>
>>> Core-team, please apply these patches.
>>
>> now applied.
>
>
> Thanks.
>
> I think I'll take a little look at how to support multiple ranges
> tomorrow. The main problem I noticed today when rewriting parts of my
> target is this:
>
> struct ipt_same_info
> {
> unsigned char info;
>
> unsigned int rangesize;
>
> /* hangs off end. */
> struct ip_nat_range range[1];
> };
>
> range has a static size... I don't even want to try to imagine how to
> solve it with a dynamic size...
>
> My thought was to define the maximum number of ranges in ipt_SAME.h like
> this:
>
> #define IPT_SAME_MAX_RANGES 10
>
> struct ipt_same_info
> {
> unsigned char info;
>
> unsigned int rangesize;
>
> /* hangs off end. */
> struct ip_nat_range range[IPT_SAME_MAX_RANGES];
> };
>
> And then use IPT_SAME_MAX_RANGES when cheking rangesize for sanity and so
> on. Does this sound like a good idea? Need some input on this before I
> start digging that hole...
>
> /Martin
>
> PS. If I succeed I'll implement it in BALANCE too as it's very similar to
> SAME (SAME is a modified BALANCE)
>
>
>
>
>