[Bug 1111] New: extensions: libxt_hashlimit: fix print_rate.
bugzilla-daemon at netfilter.org
bugzilla-daemon at netfilter.org
Thu Jan 12 19:16:00 CET 2017
https://bugzilla.netfilter.org/show_bug.cgi?id=1111
Bug ID: 1111
Summary: extensions: libxt_hashlimit: fix print_rate.
Product: netfilter/iptables
Version: unspecified
Hardware: i386
OS: All
Status: NEW
Severity: major
Priority: P5
Component: unknown
Assignee: netfilter-buglog at lists.netfilter.org
Reporter: prahal at yahoo.com
Created attachment 490
--> https://bugzilla.netfilter.org/attachment.cgi?id=490&action=edit
use uint64 modifier to print rate
This fixes iptables outputs 10/(null) instead of 10/sec as upto limit.
xt_hashlimit is already tagged C99.
A side effect is to get back openvpnas hooks when hashlimit upto is used.
This was tested (both breakage and fix) with iptables 1.6.0+snapshot20161117
from debian sid and testing.
NB: there are other similar printf placeholders that would benefit from the
same fix in libxt_hashlimit, but they are less critical (error reporting).
I am also uneasy with print_rate period parameter as uint32, I believe it
should have switched to uint64 with revision 2 of hashlimit.
There is also the cost_to_bytes and bytes_to_cost which I am unable to decide
whether the max divider and multiplier should cope with uint64 and not stay
hardcoded to uint32.
All in all this patch fixes the only critical bug I experience with rev2 of
hashlimit but the above points might deserves bugs of their own.
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20170112/90d1ee3b/attachment.html>
More information about the netfilter-buglog
mailing list