Re: [PATCH nf V2] netfilter: fix oops in nfqueue during netns error unwinding

2016-05-12 Thread Florian Westphal
Eric W. Biederman wrote: > > On Wed, May 11, 2016 at 05:41:13PM +0200, Florian Westphal wrote: > >> diff --git a/net/netfilter/nf_queue.c b/net/netfilter/nf_queue.c > >> index 5baa8e2..9722819 100644 > >> --- a/net/netfilter/nf_queue.c > >> +++ b/net/netfilter/nf_queue.c > >> @@ -102,6 +102,13 @@

Re: [PATCH nf V2] netfilter: fix oops in nfqueue during netns error unwinding

2016-05-12 Thread Eric W. Biederman
Pablo Neira Ayuso writes: > On Wed, May 11, 2016 at 05:41:13PM +0200, Florian Westphal wrote: >> diff --git a/net/netfilter/nf_queue.c b/net/netfilter/nf_queue.c >> index 5baa8e2..9722819 100644 >> --- a/net/netfilter/nf_queue.c >> +++ b/net/netfilter/nf_queue.c >> @@ -102,6 +102,13 @@ void nf_qu

Re: [PATCH nf] netfilter: nfnetlink_queue: fix timestamp attribute

2016-05-12 Thread Pablo Neira Ayuso
On Thu, May 12, 2016 at 05:07:32PM +0200, Pablo Neira Ayuso wrote: > On Thu, May 12, 2016 at 02:43:54PM +0200, Florian Westphal wrote: > > Since 4.4 we erroneously use timestamp of the netlink skb (which is zero). > > > > Bugzilla: https://bugzilla.netfilter.org/show_bug.cgi?id=1066 > > Fixes: b28b

Re: [PATCH nf] netfilter: nfnetlink_queue: fix timestamp attribute

2016-05-12 Thread Pablo Neira Ayuso
On Thu, May 12, 2016 at 02:43:54PM +0200, Florian Westphal wrote: > Since 4.4 we erroneously use timestamp of the netlink skb (which is zero). > > Bugzilla: https://bugzilla.netfilter.org/show_bug.cgi?id=1066 > Fixes: b28b1e826f818c30ea7 ("netfilter: nfnetlink_queue: use y2038 safe > timestamp") >

[PATCH nf] netfilter: nfnetlink_queue: fix timestamp attribute

2016-05-12 Thread Florian Westphal
Since 4.4 we erroneously use timestamp of the netlink skb (which is zero). Bugzilla: https://bugzilla.netfilter.org/show_bug.cgi?id=1066 Fixes: b28b1e826f818c30ea7 ("netfilter: nfnetlink_queue: use y2038 safe timestamp") Signed-off-by: Florian Westphal --- net/netfilter/nfnetlink_queue.c | 2 +-

[PATCH v3] doc: Complete the documentation of statements

2016-05-12 Thread Shivani Bhardwaj
Add documentation corresponding to LOG STATEMENT, REJECT STATEMENT, COUNTER STATEMENT, META STATEMENT, LIMIT STATEMENT, NAT STATEMENT, QUEUE STATEMENT. Signed-off-by: Shivani Bhardwaj --- Changes in v3: Correct meta fields, use lowercase statement names, merge nflog with log. Cha

Re: [PATCH v2] doc: Complete the documentation of statements

2016-05-12 Thread Shivani Bhardwaj
On Thu, May 12, 2016 at 4:35 PM, Pablo Neira Ayuso wrote: > On Thu, May 12, 2016 at 04:21:06PM +0530, Shivani Bhardwaj wrote: >> On Thu, May 12, 2016 at 3:14 PM, Pablo Neira Ayuso >> wrote: >> > On Thu, May 12, 2016 at 01:38:45PM +0530, Shivani Bhardwaj wrote: >> >> + >> >>

Re: [PATCH v2] doc: Complete the documentation of statements

2016-05-12 Thread Pablo Neira Ayuso
On Thu, May 12, 2016 at 04:21:06PM +0530, Shivani Bhardwaj wrote: > On Thu, May 12, 2016 at 3:14 PM, Pablo Neira Ayuso > wrote: > > On Thu, May 12, 2016 at 01:38:45PM +0530, Shivani Bhardwaj wrote: > >> + > >> + The nflog statement provides > >>

Re: [PATCH v2] doc: Complete the documentation of statements

2016-05-12 Thread Shivani Bhardwaj
On Thu, May 12, 2016 at 3:14 PM, Pablo Neira Ayuso wrote: > On Thu, May 12, 2016 at 01:38:45PM +0530, Shivani Bhardwaj wrote: >> Add documentation corresponding to LOG STATEMENT, NFLOG STATEMENT, >> REJECT STATEMENT, COUNTER STATEMENT, META STATEMENT, LIMIT STATEMENT, >> NAT STATEMENT and QUEUE ST

Re: [PATCH nf-next] netfilter: allow logging from non-init namespaces

2016-05-12 Thread Pablo Neira Ayuso
Hi Michal, On Wed, Apr 27, 2016 at 02:48:02PM +0200, Michal Kubecek wrote: > Commit 69b34fb996b2 ("netfilter: xt_LOG: add net namespace support for > xt_LOG") disabled logging packets using the LOG target from non-init > namespaces. The motivation was to prevent containers from flooding > kernel l

Re: [PATCH nf V2] netfilter: fix oops in nfqueue during netns error unwinding

2016-05-12 Thread Pablo Neira Ayuso
On Wed, May 11, 2016 at 05:41:13PM +0200, Florian Westphal wrote: > diff --git a/net/netfilter/nf_queue.c b/net/netfilter/nf_queue.c > index 5baa8e2..9722819 100644 > --- a/net/netfilter/nf_queue.c > +++ b/net/netfilter/nf_queue.c > @@ -102,6 +102,13 @@ void nf_queue_nf_hook_drop(struct net *net, s

Re: [PATCH v2] doc: Complete the documentation of statements

2016-05-12 Thread Pablo Neira Ayuso
On Thu, May 12, 2016 at 01:38:45PM +0530, Shivani Bhardwaj wrote: > Add documentation corresponding to LOG STATEMENT, NFLOG STATEMENT, > REJECT STATEMENT, COUNTER STATEMENT, META STATEMENT, LIMIT STATEMENT, > NAT STATEMENT and QUEUE STATEMENT. > > Signed-off-by: Shivani Bhardwaj > --- > Changes i

[PATCH v2] doc: Complete the documentation of statements

2016-05-12 Thread Shivani Bhardwaj
Add documentation corresponding to LOG STATEMENT, NFLOG STATEMENT, REJECT STATEMENT, COUNTER STATEMENT, META STATEMENT, LIMIT STATEMENT, NAT STATEMENT and QUEUE STATEMENT. Signed-off-by: Shivani Bhardwaj --- Changes in v2: Add more content to the description. doc/nft.xml | 259 +