Sometimes gcc mysteriously doesn't inline
very small functions we expect to be inlined. See
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=66122
Arguably, gcc should do better, but gcc people aren't willing
to invest time into it, asking to use __always_inline instead.
With this .config:
On Sun, Mar 27, 2016 at 12:05:46PM +0200, Giuseppe Longo wrote:
> iptables building is broken if libnftnl is not installed
> on the system, raising up the following errors:
>
> nft-shared.c:25:27: fatal error: libnftnl/rule.h: No such file or directory
> #include
>^
Pablo Neira Ayuso wrote:
> * List existing named counters:
>
> # nft lists counters
> table ip filter {
> counter tcp-counter {
> packets 6086 bytes 6278052
> }
> counter udp-counter {
> packets 272 bytes 64690
>
On Fri, Apr 08, 2016 at 11:10:47AM +, Meyer Raffaele wrote:
> Dear Sir or Madam
>
> I am currently using nftables under Ubuntu 15.10. Kernel version is
> 4.2.0-16-generic and nftables version is nftables v0.4 (Support Edward
> Snowden).
> I was looking for a way to match packets based on
On Thu, Apr 07, 2016 at 11:49:42PM +0200, Florian Westphal wrote:
> Pablo Neira Ayuso wrote:
> > Several examples on how this would look from userspace:
> >
> > * Add the 'tcp-counter' counter to the 'filter' table:
> >
> > # nft add counter filter tcp-counter
> >
> > *
On Thu, Apr 07, 2016 at 10:58:54PM +0530, Shivani Bhardwaj wrote:
> The idea of fanout option is to improve the performance by indexing CPU
> ID to map packets to the queues. This is used for load balancing.
> Fanout option is not required when there is a single queue specified.
>
> According to
Dear Sir or Madam
I am currently using nftables under Ubuntu 15.10. Kernel version is
4.2.0-16-generic and nftables version is nftables v0.4 (Support Edward Snowden).
I was looking for a way to match packets based on the mss optional value in the
tcp header. While using the describe command, I
Before this patch, chain deletetion abort path re-add chains in reverse
order of what was originally in the ruleset.
Invert the order, so the ruleset is exactly the same after abort.
Example, using 2 config files:
ruleset_good.nft:
8<
flush ruleset
table ip t {
chain c1 {
On Fri, Apr 08, 2016 at 08:18:40AM +0200, Mart Frauenlob wrote:
>
> Good day,
>
> this series includes some documentation updates and corrections for nfct.
Series applied.
> For the first patch: add missing commands to usage output,
>
> I was not able to trigger the usage output. I think the
On Fri, Apr 08, 2016 at 01:08:14AM +0530, Guruswamy Basavaiah wrote:
> Command ./iptables-restore-translate, was printing
> table name before the chain name for user added chains.
> This is breaking ./nft -f command.
>
> Before fix, output of "./iptables-restore-translate"
> add chain ip
Also applied.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Applied, thanks.
On Thu, Apr 07, 2016 at 08:31:42PM +0200, Mart Frauenlob wrote:
>
> Signed-off-by: Mart Frauenlob
> ---
> conntrack.8 | 17 +
> 1 files changed, 17 insertions(+), 0 deletions(-)
>
> diff --git a/conntrack.8 b/conntrack.8
> index
Applied.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
On Thu, Apr 07, 2016 at 08:31:38PM +0200, Mart Frauenlob wrote:
>
> Signed-off-by: Mart Frauenlob
> ---
> src/conntrack.c |2 +-
> 1 files changed, 1 insertions(+), 1 deletions(-)
>
> diff --git a/src/conntrack.c b/src/conntrack.c
> index dadbea5..162caa9 100644
>
On Fri, Apr 08, 2016 at 08:40:01AM +0200, Mart Frauenlob wrote:
> On 07.04.2016 19:53, Mart Frauenlob wrote:
> >On 07.04.2016 19:50, Pablo Neira Ayuso wrote:
> >>On Thu, Apr 07, 2016 at 07:33:43PM +0200, Mart Frauenlob wrote:
> >>>On 07.04.2016 18:47, Pablo Neira Ayuso wrote:
> On Mon, Apr 04,
Also unload NAT modules between tests.
Signed-off-by: Arturo Borrero Gonzalez
---
tests/shell/run-tests.sh |1 +
1 file changed, 1 insertion(+)
diff --git a/tests/shell/run-tests.sh b/tests/shell/run-tests.sh
index 620fe57..0bbb136 100755
---
On 07.04.2016 19:53, Mart Frauenlob wrote:
On 07.04.2016 19:50, Pablo Neira Ayuso wrote:
On Thu, Apr 07, 2016 at 07:33:43PM +0200, Mart Frauenlob wrote:
On 07.04.2016 18:47, Pablo Neira Ayuso wrote:
On Mon, Apr 04, 2016 at 11:39:40AM +0200, Mart Frauenlob wrote:
autoreconf fails with
The missing commands: flush, disable, default-set and default-get
were added to the manpage.
The description of the subsystem has been corrected.
Signed-off-by: Mart Frauenlob
---
nfct.8 | 16 +++-
1 files changed, 15 insertions(+), 1 deletions(-)
diff
Signed-off-by: Mart Frauenlob
---
src/nfct-extensions/helper.c |4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/nfct-extensions/helper.c b/src/nfct-extensions/helper.c
index dfc55e7..0569827 100644
--- a/src/nfct-extensions/helper.c
+++
Signed-off-by: Mart Frauenlob
---
src/nfct-extensions/timeout.c |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/src/nfct-extensions/timeout.c b/src/nfct-extensions/timeout.c
index 1cb04a1..30f9464 100644
--- a/src/nfct-extensions/timeout.c
+++
Good day,
this series includes some documentation updates and corrections for nfct.
For the first patch: add missing commands to usage output,
I was not able to trigger the usage output. I think the parser is broken.
Best regards,
Mart
--
To unsubscribe from this list: send the line
21 matches
Mail list logo