From: Pablo Neira Ayuso
Date: Mon, 24 Aug 2020 13:39:35 +0200
> The following patchset contains Netfilter fixes for net:
>
> 1) Don't flag SCTP heartbeat as invalid for re-used connections,
>from Florian Westphal.
>
> 2) Bogus overlap report due to rbtree tree rotations, from Stefano Brivio
Hi,
The following patchset contains Netfilter fixes for net:
1) Don't flag SCTP heartbeat as invalid for re-used connections,
from Florian Westphal.
2) Bogus overlap report due to rbtree tree rotations, from Stefano Brivio.
3) Detect partial overlap with start end point match, also from Stef
From: Pablo Neira Ayuso
Date: Thu, 14 May 2020 14:19:07 +0200
> The following patchset contains Netfilter fixes for net:
>
> 1) Fix gcc-10 compilation warning in nf_conntrack, from Arnd Bergmann.
>
> 2) Add NF_FLOW_HW_PENDING to avoid races between stats and deletion
>commands, from Paul Bl
Hi,
The following patchset contains Netfilter fixes for net:
1) Fix gcc-10 compilation warning in nf_conntrack, from Arnd Bergmann.
2) Add NF_FLOW_HW_PENDING to avoid races between stats and deletion
commands, from Paul Blakey.
3) Remove WQ_MEM_RECLAIM from the offload workqueue, from Roi Da
From: Pablo Neira Ayuso
Date: Tue, 5 Feb 2019 20:04:09 +0100
> The following patchset contains Netfilter fixes for net:
...
> Diffstat look rather larger than usual because of the new selftest, but
> Florian and I consider that having tests soon into the tree is good to
> improve coverage. If t
Hi David,
The following patchset contains Netfilter fixes for net:
1) Use CONFIG_NF_TABLES_INET from seltests, not NF_TABLES_INET.
From Naresh Kamboju.
2) Add a test to cover masquerading and redirect case, from Florian
Westphal.
3) Two packets coming from the same socket may race to set
From: Pablo Neira Ayuso
Date: Thu, 1 Feb 2018 19:02:11 +0100
> The following patchset contains Netfilter fixes for your net tree,
> they are:
>
> 1) Fix OOM that syskaller triggers with ipt_replace.size = -1 and
>IPT_SO_SET_REPLACE socket option, from Dmitry Vyukov.
>
> 2) Check for too lo
Hi David,
The following patchset contains Netfilter fixes for your net tree,
they are:
1) Fix OOM that syskaller triggers with ipt_replace.size = -1 and
IPT_SO_SET_REPLACE socket option, from Dmitry Vyukov.
2) Check for too long extension name in xt_request_find_{match|target}
that result
From: Pablo Neira Ayuso
Date: Mon, 27 Feb 2017 12:35:36 +0100
> The following patchset contains netfilter fixes for you net tree,
> they are:
>
> 1) Missing ct zone size in the nft_ct initialization path, patch
>from Florian Westphal.
>
> 2) Two patches for netfilter uapi headers, one to re
Hi David,
The following patchset contains netfilter fixes for you net tree,
they are:
1) Missing ct zone size in the nft_ct initialization path, patch
from Florian Westphal.
2) Two patches for netfilter uapi headers, one to remove unnecessary
sysctl.h inclusion and another to fix compilati
From: Pablo Neira Ayuso
Date: Thu, 5 Jan 2017 12:19:47 +0100
> The following patchset contains accumulated Netfilter fixes for your
> net tree:
>
> 1) Ensure quota dump and reset happens iff we can deliver numbers to
>userspace.
>
> 2) Silence splat on incorrect use of smp_processor_id() f
Hi David,
The following patchset contains accumulated Netfilter fixes for your
net tree:
1) Ensure quota dump and reset happens iff we can deliver numbers to
userspace.
2) Silence splat on incorrect use of smp_processor_id() from nft_queue.
3) Fix an out-of-bound access reported by KASAN in
From: Pablo Neira Ayuso
Date: Thu, 18 Aug 2016 19:29:02 +0200
> The following patchset contains Netfilter updates for your net tree,
> they are:
...
> You can pull these changes from:
>
> git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf.git
Pulled, thanks a lot Pablo.
Hi David,
The following patchset contains Netfilter updates for your net tree,
they are:
1) Dump only conntrack that belong to this namespace via /proc file.
This is some fallout from the conversion to single conntrack table
for all netns, patch from Liping Zhang.
2) Missing MODULE_ALIAS_N
From: Pablo Neira Ayuso
Date: Tue, 16 Feb 2016 18:02:31 +0100
> The following patchset contain a rather large batch for your net that
> includes accumulated bugfixes, they are:
...
> Due to the NetDev 1.1 organization burden, I had no chance to pass up
> this to you any sooner in this release cy
Hi David,
The following patchset contain a rather large batch for your net that
includes accumulated bugfixes, they are:
1) Run conntrack cleanup from workqueue process context to avoid hitting
soft lockup via watchdog for large tables. This is required by the
IPv6 masquerading extension. F
From: Pablo Neira Ayuso
Date: Wed, 20 Jan 2016 18:03:58 +0100
> The following patchset contains Netfilter fixes for your net tree, they
> are:
>
> 1) Fix accidental 3-times le/be conversion for 64-bits in nft_byteorder,
>from Florian Westphal.
>
> 2) Get rid of defensive cidr = 0 check in t
Hi David,
The following patchset contains Netfilter fixes for your net tree, they
are:
1) Fix accidental 3-times le/be conversion for 64-bits in nft_byteorder,
from Florian Westphal.
2) Get rid of defensive cidr = 0 check in the ipset hash:netiface set
type which doesn't allow valid 0.0.0.
From: Pablo Neira Ayuso
Date: Mon, 14 Dec 2015 12:25:40 +0100
> The following patchset contains Netfilter fixes for you net tree,
> specifically for nf_tables and nfnetlink_queue, they are:
Pulled, thanks a lot Pablo.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the bo
Hi David,
The following patchset contains Netfilter fixes for you net tree,
specifically for nf_tables and nfnetlink_queue, they are:
1) Avoid a compilation warning in nfnetlink_queue that was introduced
in the previous merge window with the simplification of the conntrack
integration, from
From: Pablo Neira Ayuso
Date: Thu, 3 Sep 2015 11:50:55 +0200
> The following patchset contains Netfilter fixes for net, they are:
>
> 1) Oneliner to restore maps in nf_tables since we support addressing registers
>at 32 bits level.
>
> 2) Restore previous default behaviour in bridge netfil
Hi David,
The following patchset contains Netfilter fixes for net, they are:
1) Oneliner to restore maps in nf_tables since we support addressing registers
at 32 bits level.
2) Restore previous default behaviour in bridge netfilter when CONFIG_IPV6=n,
oneliner from Bernhard Thaler.
3) Out
22 matches
Mail list logo
