[PATCH] zones: fix max length of zone names

David Bauer mail at david-bauer.net
Sat Sep 5 10:32:13 EDT 2020 

Hi Matthias,

On 9/5/20 4:08 PM, Matthias Schiffer wrote:
> On 9/5/20 1:11 AM, David Bauer wrote:
>> Hi Alexey,
>>
>> On 9/4/20 10:32 PM, Alexey Dobrovolskiy wrote:
>>> Hi,
>>> please, see also
>>> https://patchwork.ozlabs.org/project/openwrt/patch/20200830211009.3359-1-dobrovolskiy.alexey@gmail.com/
>>
>> I was not aware of this patch. Will merge yours in the coming days.
>>
>> Best wishes
>> David
> 
> 
> Maybe we could replace "postrouting" and similiar strings with abbreviated
> versions?

>From my perspective this should be possible. However, postrouting might not be
the primary limiting factor then, as there are also chains such as
"zone_<zonename>_dest_REJECT" automatically created. Sure enough, these can
also be renamed.

Best wishes
David

> 
> Kind regards,
> Matthias
> 
> 
> 
>>
>>>
>>> Best regards,
>>> Alexey
>>>
>>> пт, 4 сент. 2020 г. в 02:02, David Bauer <mail at david-bauer.net>:
>>>>
>>>> Previously the max length of a zone name was assuming the max
>>>> length for a extension in netfilter is 32 bytes while in reality it is
>>>> only 29.
>>>>
>>>> Fix this incorrect assumption to allow firewall3 to validate the zone
>>>> name lengths correctly.
>>>>
>>>> Signed-off-by: David Bauer <mail at david-bauer.net>
>>>> ---
>>>>  zones.h | 8 ++++++--
>>>>  1 file changed, 6 insertions(+), 2 deletions(-)
>>>>
>>>> diff --git a/zones.h b/zones.h
>>>> index d786736..beb0e22 100644
>>>> --- a/zones.h
>>>> +++ b/zones.h
>>>> @@ -22,8 +22,12 @@
>>>>  #include "options.h"
>>>>  #include "iptables.h"
>>>>
>>>> -/* 32 - sizeof("postrouting_") - sizeof("_rule") - sizeof("\0") */
>>>> -#define FW3_ZONE_MAXNAMELEN 14
>>>> +/* XT_EXTENSION_MAXNAMELEN (29)
>>>> + *  - sizeof("postrouting_")
>>>> + *  - sizeof("_rule")
>>>> + *  - sizeof("\0")
>>>> + */
>>>> +#define FW3_ZONE_MAXNAMELEN 11
>>>>
>>>>  extern const struct fw3_option fw3_zone_opts[];
>>>>
>>>> --
>>>> 2.28.0
>>>>
>>>>
>>>> _______________________________________________
>>>> openwrt-devel mailing list
>>>> openwrt-devel at lists.openwrt.org
>>>> https://lists.openwrt.org/mailman/listinfo/openwrt-devel
>>
>> _______________________________________________
>> openwrt-devel mailing list
>> openwrt-devel at lists.openwrt.org
>> https://lists.openwrt.org/mailman/listinfo/openwrt-devel
>>
> 
>

More information about the openwrt-devel mailing list