Re: off-by-one in DecodeQ931

I'm a bit new to this; is this patch OK? On Tue, May 3, 2016 at 1:12 AM, Toby DiPasquale wrote: > On Mon, Apr 25, 2016 at 11:29 AM, Florian Westphal wrote: >> -> sz (size_t) will underflow here >> >> I'd suggest to change the if (sz < 1) to if (sz < 2) to >> resolve this, the while loop below ha

Re: [PATCH 1/3] netfilter: ipset: use setup_timer() and mod_timer().

On Sat, 14 May 2016, Muhammad Falak R Wani wrote: > Use setup_timer() and instead of init_timer(), being the preferred way > of setting up a timer. > > Also, quoting the mod_timer() function comment: > -> mod_timer() is a more efficient way to update the expire field of an >active timer (if t

Re: [PATCH nft] rule: add support for display flow tables content

On Fri, May 20, 2016 at 02:55:12PM +0200, Pablo M. Bermudo Garay wrote: > This commit adds a new command that displays the definition of a single > flow table: > > If no family is specified, ip is assumed. Applied, thanks. Please include an example next time in your patch description. -- To unsub

[PATCH nft] rule: add support for display flow tables content

This commit adds a new command that displays the definition of a single flow table: If no family is specified, ip is assumed. Signed-off-by: Pablo M. Bermudo Garay --- include/rule.h | 1 + src/evaluate.c | 11 +++ src/parser_bison.y | 4 src/rule.c | 2 ++ 4 fil

Re: [PATCH v2] xtables: Add a smaller delay option when waiting for xtables lock

On Tue, May 17, 2016 at 12:25:53PM -0600, subas...@codeaurora.org wrote: > >>iptables -w 2.1 > >> > >>0.01s sleep, retry > >>0.02s sleep, retry > >>0.03s sleep, retry > >>... > >>2.1s sleep, exit > >> > >>Note that it sleeps for 10ms and retries rather than sleeping for a > >>single > >>iteration f

Re: [PATCH] libnftnl: gitignore: Fix mistake in gitignore regexp

On Tue, May 17, 2016 at 09:11:39PM +0200, Carlos Falgueras García wrote: > If a whole directory was ignored, files inside it will not be checked. Applied, thanks. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majord...@vger.kernel.org Mor

Re: [PATCH nft] rule: add 'list flow tables' support

On Thu, May 19, 2016 at 02:46:03PM +0200, Pablo M. Bermudo Garay wrote: > This commit adds a new command that lists flow tables: > > # nft list flow tables [family] > > Only the declaration is displayed. If no family is specified, all flow > tables of all families are listed. Applied, thanks

Re: [conntrack-tools PATCH] conntrackd: add support for NTA_(S|D)NAT_IPV6

On Wed, May 18, 2016 at 07:05:12PM +0200, Arturo Borrero Gonzalez wrote: > So we can properly sync NATed IPv6 connections. Applied, thanks. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majord...@vger.kernel.org More majordomo info at h

Re: [libnetfilter_conntrack PATCH v2 2/3] src: add support for IPv6 NAT

On Wed, May 18, 2016 at 10:56:36AM +0200, Arturo Borrero Gonzalez wrote: > The conntrackd daemon lacks support for syncing IPv6 NATed connections. > > This patch adds support for managing the IPv6 part of struct __nfct_nat, > also updating the corresponsing symbols. Also applied, thanks. -- To un

Re: [libnetfilter_conntrack PATCH v2 1/3] src: add support for IPv6 to struct __nfct_nat

On Fri, May 20, 2016 at 11:34:39AM +0200, Pablo Neira Ayuso wrote: > This doesn't apply cleanly, please rebase on top of git HEAD and resubmit. Forget this, sorry. I forgot to pull before applying this. So now applied, thanks Arturo. -- To unsubscribe from this list: send the line "unsubscribe ne

Re: [libnetfilter_conntrack PATCH v2 1/3] src: add support for IPv6 to struct __nfct_nat

On Wed, May 18, 2016 at 10:56:19AM +0200, Arturo Borrero Gonzalez wrote: > The conntrackd daemon lacks support for syncing IPv6 NATed connections. > > This patch prepares the ground to give support to such operations: > * replace uint32_t with union __nfct_address in struct __nfct_nat. > * updat