[PATCH v4] configure: Show support for connlabel

2016-03-21 Thread Shivani Bhardwaj
Add the --disable-connlabel option and the appropriate functionality associated with it. After this patch, iptables configuration shows up as: Iptables Configuration: IPv4 support: yes IPv6 support: yes Devel support:

Re: [PATCH 4/4 v5] nftables: rule: Change the field "rule->comment" for an nftnl_udata_buf

2016-03-21 Thread Pablo Neira Ayuso
On Tue, Mar 15, 2016 at 09:28:07PM +0100, Carlos Falgueras García wrote: > Now it is possible to store multiple variable length user data into rule. > Modify the parser in order to fill the nftnl_udata with the comment, and > the print function for extract these commentary and print it to user. >

Re: [PATCH 0/1] ipset patch for nf

2016-03-21 Thread Pablo Neira Ayuso
On Wed, Mar 16, 2016 at 10:02:29PM +0100, Jozsef Kadlecsik wrote: > Hi Pablo, > > Please apply the next patch against the nf tree: > > - There was a race condition between parallel save/swap and delete, > which resulted a kernel crash due to the increase ref for save, swap, > wrong ref

Re: [PATCH net-next] change nfqueue failopen to apply also to receive message buffer in addition to queue size

2016-03-21 Thread Pablo Neira Ayuso
On Mon, Mar 21, 2016 at 11:23:43AM +, Yigal Reiss (yreiss) wrote: > @@ -582,10 +585,17 @@ __nfqnl_enqueue_packet(struct net *net, struct > nfqnl_instance *queue, > *packet_id_ptr = htonl(entry->id); > > /* nfnetlink_unicast will either free the nskb or add it to a socket */ > -

Re: [PATCH net-next] change nfqueue failopen to apply also to receive message buffer in addition to queue size

2016-03-21 Thread Florian Westphal
Yigal Reiss (yreiss) wrote: [ CC shemminger ] This is the place where the commit message should go. The Subject: line alone isn't enough for a large patch like this. > Signed-off-by: Yigal Reiss > --- > > NOTE: this is a re-send after being bounced by the

[PATCH net-next] change nfqueue failopen to apply also to receive message buffer in addition to queue size

2016-03-21 Thread Yigal Reiss (yreiss)
Signed-off-by: Yigal Reiss --- NOTE: this is a re-send after being bounced by the test robot for a compiler warning. I hope I'm doing the right thing in resubmitting rather than replying to the original message. Recompiled w/o warnings and re-tested. This is follow-up on

Re: [PATCH] Add systemd files

2016-03-21 Thread Arturo Borrero Gonzalez
On 21 March 2016 at 01:39, Sébastien Luttringer wrote: > This is the current systemd service files I wrote for Arch Linux. > A Fedora maintainer suggest to move them to the upstream to share them > between distribution. > --- > configure.ac | 1 + >

Re: conntrack-tool question for contribution.

2016-03-21 Thread Miguel Angel Ajo Pelayo
On Fri, Mar 18, 2016 at 12:59 PM, Arturo Borrero Gonzalez wrote: > On 16 March 2016 at 12:16, Miguel Angel Ajo Pelayo > wrote: >> I was considering the possibility of making an small contribution to >> conntrack-tool >> to allow the batching