Re: [PATCH v2] netfilter: Clean up tests if NULL returned on failure

2017-03-28 Thread Jan Engelhardt
On Tuesday 2017-03-28 18:23, SIMRAN SINGHAL wrote: >On Tue, Mar 28, 2017 at 7:24 PM, Jan Engelhardt wrote: >> On Tuesday 2017-03-28 15:13, simran singhal wrote: >> >>>Some functions like kmalloc/kzalloc return NULL on failure. When NULL >>>represents failure, !x is commonly used. >>> >>>@@ -910,7

[PATCH] net: netfilter: replace explicit NULL comparison with ! operator

2017-03-28 Thread Arushi Singhal
Replace explicit NULL comparison with ! operator to simplify code. Signed-off-by: Arushi Singhal --- net/netfilter/ipvs/ip_vs_ctl.c | 8 ++--- net/netfilter/ipvs/ip_vs_proto.c | 8 ++--- net/netfilter/nf_conntrack_broadcast.c | 2 +- net/netfilter/nf_conntrack_core.c | 2 +

[PATCH] net: bridge: netfilter: Comparison to NULL could be written

2017-03-28 Thread Arushi Singhal
Fixed coding style for null comparisons to be more consistent with the rest of the kernel coding style. Signed-off-by: Arushi Singhal --- net/bridge/netfilter/ebt_among.c | 12 ++-- net/bridge/netfilter/ebt_arp.c | 10 +- net/bridge/netfilter/ebt_arpreply.c

[PATCH] iptables: libiptc: Use list_{next/prev}_entry instead of list_entry

2017-03-28 Thread simran singhal
This patch replaces list_entry with list_{next/prev}_entry as it makes the code more clear to read. Signed-off-by: simran singhal --- libiptc/libiptc.c | 12 +--- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/libiptc/libiptc.c b/libiptc/libiptc.c index a6e7057..5590cb8 100

[PATCH] net: ipv6: netfilter: replace explicit NULL comparison with ! operator

2017-03-28 Thread Arushi Singhal
Replace explicit NULL comparison with ! operator to simplify code. Signed-off-by: Arushi Singhal --- net/ipv6/netfilter/ip6_tables.c| 4 ++-- net/ipv6/netfilter/ip6t_SYNPROXY.c | 16 net/ipv6/netfilter/ip6t_ah.c | 2 +- net/ipv6/ne

[PATCH] net: netfilter: Use list_{next/prev}_entry instead of list_entry

2017-03-28 Thread simran singhal
This patch replaces list_entry with list_prev_entry as it makes the code more clear to read. Signed-off-by: simran singhal --- net/netfilter/nf_tables_api.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c index b764

ANNOUNCE: netdev 2.1 conference Schedule out!

2017-03-28 Thread Jamal Hadi Salim
The tech committee would like to announce the schedule. There is a lot of great content which we hope you are going to enjoy. There were also many other fantastic submissions which we were unfortunately unable to accommodate. We appreciate everyone that took the time to make a submission.

[PATCH] net: netfilter: Use seq_puts()/seq_putc() where possible

2017-03-28 Thread simran singhal
For string without format specifiers, use seq_puts(). For seq_printf("\n"), use seq_putc('\n'). Signed-off-by: simran singhal --- net/netfilter/ipvs/ip_vs_ctl.c | 8 net/netfilter/nf_conntrack_expect.c | 4 ++-- net/netfilter/nf_conntrack_standalone.c | 6 +++--- net/netfil

Re: [PATCH 2/4] netfilter: ipset: generalize netmask to support cidr and mask values

2017-03-28 Thread Jozsef Kadlecsik
On Tue, 28 Mar 2017, Josh Hunt wrote: > > Thinking over it I understand better your approach: replace > > IPSET_ATTR_NETMASK with IPSET_ATTR_NETMASK_MASK completely and keeping > > the former for backward compatibility reasons only. What I propose is > > able to maintain syntax-compatibility in

Re: [PATCH 2/4] netfilter: ipset: generalize netmask to support cidr and mask values

2017-03-28 Thread Josh Hunt
On 03/28/2017 01:28 PM, Jozsef Kadlecsik wrote: Hi Josh, On Tue, 28 Mar 2017, Josh Hunt wrote: Overall, I like the feature and the patches. After reviewing I comment only the parts where I believe some modifications are needed. Thanks for the review. I'll go through this and send a v2 in the

[PATCH v2] net: Remove unnecessary cast on void pointer

2017-03-28 Thread simran singhal
The following Coccinelle script was used to detect this: @r@ expression x; void* e; type T; identifier f; @@ ( *((T *)e) | ((T *)x)[...] | ((T*)x)->f | - (T*) e ) Unnecessary parentheses are also removed. Signed-off-by: simran singhal --- v2: -Remove unnecessary parentheses net/br

[RFC v2] extensions: libxt_TOS: Add translation to nft

2017-03-28 Thread Gargi Sharma
Add translation for TOS to nftables. TOS is deprecated and DSCP is used in place of it. The first 6 bits of TOS specify the DSCP value. Examples: $ iptables-translate -t mangle -A PREROUTING -p TCP --dport 22 -j TOS --set-tos 0x10 nft add rule ip mangle PREROUTING tcp dport 22 counter ip6 dscp s

Re: [PATCH 2/4] netfilter: ipset: generalize netmask to support cidr and mask values

2017-03-28 Thread Jozsef Kadlecsik
Hi Josh, On Tue, 28 Mar 2017, Josh Hunt wrote: > > Overall, I like the feature and the patches. After reviewing I comment > > only the parts where I believe some modifications are needed. > > Thanks for the review. I'll go through this and send a v2 in the next > few days. Thinking over it I u

[PATCH] net: netfilter: Remove typedef from "typedef struct bitstr_t".

2017-03-28 Thread Arushi Singhal
This patch removes typedefs from struct and renames it from "typedef struct bitstr_t" to "struct bitstr" as per kernel coding standards. Signed-off-by: Arushi Singhal --- net/netfilter/nf_conntrack_h323_asn1.c | 80 +- 1 file changed, 40 insertions(+), 40 deletio

Re: [RFC] extensions: libxt_TOS: Add translation to nft

2017-03-28 Thread Gargi Sharma
On Tue, Mar 28, 2017 at 9:22 PM, Florian Westphal wrote: > Gargi Sharma wrote: >> Add translation for TOS to nftables. >> >> Examples: >> >> $ iptables-translate -t mangle -A PREROUTING -p TCP --dport 22 -j TOS >> --set-tos 0x10 >> nft add rule ip mangle PREROUTING tcp dport 22 counter --set-tos

[PATCH v3] net: netfilter: Add nfnl_msg_type() helper function

2017-03-28 Thread Arushi Singhal
To remove complexity of code the function is added in nfnetlink.h to make code more clear and readable. This is opencoded in a way that makes it error prone for future netfilter netlink subsystems. Signed-off-by: Arushi Singhal --- changes in v3 -make the subject more clear. include/linux/netf

[PATCH v2] net: netfilter: add nfnl_msg_type() helper function

2017-03-28 Thread Arushi Singhal
To remove complexity of code the function is added in nfnetlink.h to make code more clear and readable. This is opencoded in a way that makes it error prone for future netfilter netlink subsystems. Signed-off-by: Arushi Singhal --- changes in v2 - make the patch title more relevant - make the c

Re: [PATCH v2] netfilter: Clean up tests if NULL returned on failure

2017-03-28 Thread SIMRAN SINGHAL
On Tue, Mar 28, 2017 at 7:24 PM, Jan Engelhardt wrote: > On Tuesday 2017-03-28 15:13, simran singhal wrote: > >>Some functions like kmalloc/kzalloc return NULL on failure. When NULL >>represents failure, !x is commonly used. >> >>@@ -910,7 +910,7 @@ ip_vs_new_dest(struct ip_vs_service *svc, struct

Re: [RFC] extensions: libxt_TOS: Add translation to nft

2017-03-28 Thread Florian Westphal
Gargi Sharma wrote: > Add translation for TOS to nftables. > > Examples: > > $ iptables-translate -t mangle -A PREROUTING -p TCP --dport 22 -j TOS > --set-tos 0x10 > nft add rule ip mangle PREROUTING tcp dport 22 counter --set-tos 0x10/0xff > > $ iptables-translate -A PREROUTING -t mangle -p t

[RFC] extensions: libxt_TOS: Add translation to nft

2017-03-28 Thread Gargi Sharma
Add translation for TOS to nftables. Examples: $ iptables-translate -t mangle -A PREROUTING -p TCP --dport 22 -j TOS --set-tos 0x10 nft add rule ip mangle PREROUTING tcp dport 22 counter --set-tos 0x10/0xff $ iptables-translate -A PREROUTING -t mangle -p tcp --sport ftp-data -j TOS --set-tos 0

Re: [Outreachy kernel] [PATCH] net: Remove unnecessary cast on void pointer

2017-03-28 Thread Julia Lawall
On Tue, 28 Mar 2017, simran singhal wrote: > The following Coccinelle script was used to detect this: > @r@ > expression x; > void* e; > type T; > identifier f; > @@ > ( > *((T *)e) > | > ((T *)x)[...] > | > ((T*)x)->f > | > > - (T*) > e > ) > > Signed-off-by: simran singhal > --- > ne

Re: [Outreachy kernel] [PATCH] net: netfilter: Remove complexity

2017-03-28 Thread Pablo Neira Ayuso
On Tue, Mar 28, 2017 at 06:30:56PM +0530, Arushi Singhal wrote: > To remove complexity of code the function is added in nfnetlink.h > to make code more clear and readable. Patch looks good, you can also use this new function from other _fill_info() functions in the netfilter code, eg. nfn

[PATCH nf] netfilter: nfnetlink_queue: fix secctx memory leak

2017-03-28 Thread Liping Zhang
From: Liping Zhang We must call security_release_secctx to free the memory returned by security_secid_to_secctx, otherwise memory may be leaked forever. Fixes: ef493bd930ae ("netfilter: nfnetlink_queue: add security context information") Signed-off-by: Liping Zhang --- net/netfilter/nfnetlink

RE: [PATCH] netfilter: ipset: Use max macro instead of ternary operator

2017-03-28 Thread David Laight
From: simran singhal > Sent: 28 March 2017 14:33 > This patch replaces ternary operator with macro max as it shorter and > thus increases code readability. Macro max return the maximum of the two > compared values. ... > /* Convert error codes to nomatch */ > - return (ret < 0 ? 0 : ret);

[PATCH v3] ebtables: extensions: Constify option struct

2017-03-28 Thread Gargi Sharma
The struct of the type option is only used to initialise a field inside the ebt_u_watcher or ebt_u_target or ebt_u_match struct and is not modified anywhere. Signed-off-by: Gargi Sharma --- Changes in v3: - Correct the version number in subject prefix. Changes in v2: - Squash pat

Re: [PATCH] netfilter: ipset: Use max macro instead of ternary operator

2017-03-28 Thread Jan Engelhardt
On Tuesday 2017-03-28 15:32, simran singhal wrote: >This patch replaces ternary operator with macro max as it shorter and >thus increases code readability. > >- return (ret < 0 ? 0 : ret); >+ return max(0, ret); While the two are functionally equivalent, "max" conveys a meaning of "upp

Re: [PATCH v2] netfilter: Clean up tests if NULL returned on failure

2017-03-28 Thread Jan Engelhardt
On Tuesday 2017-03-28 15:13, simran singhal wrote: >Some functions like kmalloc/kzalloc return NULL on failure. When NULL >represents failure, !x is commonly used. > >@@ -910,7 +910,7 @@ ip_vs_new_dest(struct ip_vs_service *svc, struct >ip_vs_dest_user_kern *udest, > } > > dest = kza

Re: [PATCH] net: Remove unnecessary cast on void pointer

2017-03-28 Thread Jan Engelhardt
On Tuesday 2017-03-28 14:50, simran singhal wrote: >The following Coccinelle script was used to detect this: >@r@ >expression x; >void* e; >type T; >identifier f; >@@ >( > *((T *)e) >| > ((T *)x)[...] >| > ((T*)x)->f >| > >- (T*) > e >) > >Signed-off-by: simran singhal >--- > net/bridge/netfi

Re: [PATCH 2/4] netfilter: ipset: generalize netmask to support cidr and mask values

2017-03-28 Thread Josh Hunt
On 03/27/2017 02:21 PM, Jozsef Kadlecsik wrote: Hi Josh, Overall, I like the feature and the patches. After reviewing I comment only the parts where I believe some modifications are needed. Jozsef Thanks for the review. I'll go through this and send a v2 in the next few days. Josh -- To u

[PATCH] net: netfilters: Remove unnecessary parenthesis

2017-03-28 Thread Arushi Singhal
Removed parentheses on the right hand side of assignment, as they are not required. The following coccinelle script was used to fix this issue: @@ local idexpression id; expression e; @@ id = -( e -) Signed-off-by: Arushi Singhal --- net/netfilter/ipvs/ip_vs_proto_tcp.c | 2 +- net/netfilter/

[PATCH] netfilter: ipset: Use max macro instead of ternary operator

2017-03-28 Thread simran singhal
This patch replaces ternary operator with macro max as it is shorter and thus increases code readability. Macro max returns the maximum of the two compared values. Signed-off-by: simran singhal --- net/netfilter/ipset/ip_set_core.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/

[PATCH v2] netfilter: Clean up tests if NULL returned on failure

2017-03-28 Thread simran singhal
Some functions like kmalloc/kzalloc return NULL on failure. When NULL represents failure, !x is commonly used. Signed-off-by: simran singhal --- v2: -squash all the patches of the patch-set. net/netfilter/ipvs/ip_vs_ctl.c | 4 ++-- net/netfilter/ipvs/ip_vs_dh.c| 2 +- net

[PATCH] net: netfilter: Remove complexity

2017-03-28 Thread Arushi Singhal
To remove complexity of code the function is added in nfnetlink.h to make code more clear and readable. Signed-off-by: Arushi Singhal --- include/linux/netfilter/nfnetlink.h | 6 ++ net/netfilter/nf_conntrack_netlink.c | 12 +++- 2 files changed, 13 insertions(+), 5 deletions(-) d

[PATCH] net: Remove unnecessary cast on void pointer

2017-03-28 Thread simran singhal
The following Coccinelle script was used to detect this: @r@ expression x; void* e; type T; identifier f; @@ ( *((T *)e) | ((T *)x)[...] | ((T*)x)->f | - (T*) e ) Signed-off-by: simran singhal --- net/bridge/netfilter/ebtables.c | 2 +- net/ipv4/netfilter/arp_tables.c |

[PATCH v2] ebtables: extensions: Constify option struct

2017-03-28 Thread Gargi Sharma
The struct of the type option is only used to initialise a field inside the ebt_u_watcher or ebt_u_target or ebt_u_match struct and is not modified anywhere. Signed-off-by: Gargi Sharma --- Changes in v2: - Squash patches in the patchset. --- extensions/ebt_802_3.c| 2 +- extensions

Re: [PATCH 0/3] ebtables: Constify option struct

2017-03-28 Thread Pablo Neira Ayuso
On Tue, Mar 28, 2017 at 04:57:48PM +0530, Gargi Sharma wrote: > The struct option is generally used only to initialise > fields inside certain structs and is not modified anywhere. > Done using Coccinelle: > > @r1 disable optional_qualifier@ > identifier s,i; > position p; > @@ > > static struct

[PATCH 2/3] ebtables: extensions: Constify option struct

2017-03-28 Thread Gargi Sharma
The struct of the type option is only used to initialise a field inside the ebt_u_target struct and is not modified anywhere. Signed-off-by: Gargi Sharma --- extensions/ebt_arpreply.c | 2 +- extensions/ebt_inat.c | 4 ++-- extensions/ebt_mark.c | 2 +- extensions/ebt_nat.c | 4 ++-

[PATCH 3/3] ebtables: extensions: Constify option struct

2017-03-28 Thread Gargi Sharma
The struct of the type option is only used to initialise a field inside the ebt_u_match struct and is not modified anywhere. Signed-off-by: Gargi Sharma --- extensions/ebt_802_3.c | 2 +- extensions/ebt_among.c | 2 +- extensions/ebt_arp.c | 2 +- extensions/ebt_ip.c | 2 +- extens

[PATCH 1/3] ebtables: extensions: Constify option struct

2017-03-28 Thread Gargi Sharma
The struct of the type option is only used to initialise a field inside the ebt_u_watcher struct and is not modified anywhere. Signed-off-by: Gargi Sharma --- extensions/ebt_log.c | 2 +- extensions/ebt_nflog.c | 2 +- extensions/ebt_ulog.c | 2 +- 3 files changed, 3 insertions(+), 3 deletio

[PATCH 0/3] ebtables: Constify option struct

2017-03-28 Thread Gargi Sharma
The struct option is generally used only to initialise fields inside certain structs and is not modified anywhere. Done using Coccinelle: @r1 disable optional_qualifier@ identifier s,i; position p; @@ static struct option i@p[] ={...}; @ok1@ identifier r1.i; expression e; position p; @@ e = i@p

[PATCH v3] netfilter: Compress return logic

2017-03-28 Thread simran singhal
Simplify function returns by merging assignment and return into one statement. Signed-off-by: simran singhal --- v3: -change commit message. -merge two patches into one. v2: -Change the subject of cover patch net/netfilter/ipset/ip_set_list_set.c | 5 + net/netfilter/ipvs/ip_vs_f

[PATCH nf-next] netfilter: nat: avoid use of nf_conn_nat extension

2017-03-28 Thread Florian Westphal
successful insert into the bysource hash sets IPS_SRC_NAT_DONE status bit so we can check that instead of presence of nat extension which requires extra deref. Signed-off-by: Florian Westphal --- The idea is to get rid of nat extension for most cases, we don't need it added by default anymore b

[PATCH nf-next] netfilter: ipvs: don't check for presence of nat extension

2017-03-28 Thread Florian Westphal
Check for the NAT status bits, they are set once conntrack needs NAT in source or reply direction, this is slightly faster than nfct_nat() as that has to check the extension area. Signed-off-by: Florian Westphal --- net/netfilter/ipvs/ip_vs_ftp.c | 2 +- 1 file changed, 1 insertion(+), 1 delet