Bug#845500: nftables: notrack target fails with No such file or directory
On Thu, Nov 24, 2016 at 06:58:46PM +, Ben Hutchings wrote: > > IIRC Ben said that the next upstream kernel being tagged as LTS will be > > the one included in Debian strech, so we’ll probably have 4.9… unless > > Greg KH changes his mind again. :D > > Yes, exactly. Thanks for clarifying. There are worse things than 3 more years of iptables–ip6tables duality ;-). Peter
Bug#845500: nftables: notrack target fails with No such file or directory
On Thu, 2016-11-24 at 13:44 +0100, Vincent Blut wrote: > On Thu, Nov 24, 2016 at 08:46:27AM +0100, Arturo Borrero Gonzalez wrote: > > > > On 24 November 2016 at 01:34, Peter Colberg wrote: > > > > > > While the nftables package in Debian stretch will support notrack, the > > > corresponding kernel support was committed after the 4.9 merge window: > > > > > > https://git.kernel.org/cgit/linux/kernel/git/pablo/nf-next.git/commit/net/netfilter/nft_ct.c?id=254432613c588640f8b8b5c3641a3c27bbe14688 > > > > > > Assuming 4.9 becomes the stretch kernel, could you backport the patch? > > > > > > Debian stretch will include linux 4.10 [0], so no problem. > > > > > > [0] https://lists.debian.org/debian-devel-announce/2016/03/msg0.html > > Hi, > > IIRC Ben said that the next upstream kernel being tagged as LTS will be > the one included in Debian strech, so we’ll probably have 4.9… unless > Greg KH changes his mind again. :D Yes, exactly. Ben. -- Ben Hutchings [W]e found...that it wasn't as easy to get programs right as we had thought. ... I realized that a large part of my life from then on was going to be spent in finding mistakes in my own programs. - Maurice Wilkes, 1949 signature.asc Description: This is a digitally signed message part
Bug#845500: nftables: notrack target fails with No such file or directory
On Thu, Nov 24, 2016 at 08:46:27AM +0100, Arturo Borrero Gonzalez wrote: On 24 November 2016 at 01:34, Peter Colberg wrote: While the nftables package in Debian stretch will support notrack, the corresponding kernel support was committed after the 4.9 merge window: https://git.kernel.org/cgit/linux/kernel/git/pablo/nf-next.git/commit/net/netfilter/nft_ct.c?id=254432613c588640f8b8b5c3641a3c27bbe14688 Assuming 4.9 becomes the stretch kernel, could you backport the patch? Debian stretch will include linux 4.10 [0], so no problem. [0] https://lists.debian.org/debian-devel-announce/2016/03/msg0.html Hi, IIRC Ben said that the next upstream kernel being tagged as LTS will be the one included in Debian strech, so we’ll probably have 4.9… unless Greg KH changes his mind again. :D Cheers, Vincent signature.asc Description: PGP signature
Bug#845500: nftables: notrack target fails with No such file or directory
On 24 November 2016 at 01:34, Peter Colberg wrote: > > While the nftables package in Debian stretch will support notrack, the > corresponding kernel support was committed after the 4.9 merge window: > > https://git.kernel.org/cgit/linux/kernel/git/pablo/nf-next.git/commit/net/netfilter/nft_ct.c?id=254432613c588640f8b8b5c3641a3c27bbe14688 > > Assuming 4.9 becomes the stretch kernel, could you backport the patch? Debian stretch will include linux 4.10 [0], so no problem. [0] https://lists.debian.org/debian-devel-announce/2016/03/msg0.html
Bug#845500: nftables: notrack target fails with No such file or directory
On Thu, Nov 24, 2016 at 01:55:01AM +0100, Jens Reyer wrote: > According to > https://lists.debian.org/debian-devel-announce/2016/03/msg0.html it > will be 4.10. That would be great. After the recent announcement that 4.9 will probably be the next LTS kernel I assumed that the same version would also be shipped with stretch. http://kroah.com/log/blog/2016/09/06/4-dot-9-equals-equals-next-lts-kernel/ Peter
Bug#845500: nftables: notrack target fails with No such file or directory
On Wed, Nov 23, 2016 at 07:34:42PM -0500, Peter Colberg wrote: > Assuming 4.9 becomes the stretch kernel, could you backport the patch? The same applies to kernel support for the "fib" expression that may be used for reverse path filtering (analogous to iptables rp_filter). https://git.kernel.org/cgit/linux/kernel/git/pablo/nf-next.git/commit?id=f6d0cbcf09c506b9b022df8f9d7693a7cec3c732 That patch is more extensive and there are many more commits needed to sync nftables kernel support with userspace. Backporting does not make much sense. I am crossing fingers for 4.10 making it into stretch. Peter
Bug#845500: nftables: notrack target fails with No such file or directory
On 24.11.2016 01:34, Peter Colberg wrote: > Assuming 4.9 becomes the stretch kernel, could you backport the patch? According to https://lists.debian.org/debian-devel-announce/2016/03/msg0.html it will be 4.10. Greets jre