Hello,
this series of patches follows a discussion brought here about adding support
for deeper variable scopes especially in the flat notation. These patches add
a new variable scope to each include statement. The new scope is a child of
the parent scope (script in which the include resides).
Christoph Hellwig wrote:
> +
> +struct proc_dir_entry *proc_create_seq_data(const char *name, umode_t mode,
> + struct proc_dir_entry *parent, const struct seq_operations *ops,
> + void *data)
> +{
> ...
> +EXPORT_SYMBOL(proc_create_seq_data);
Please add documentation com
Hi,
Following the request on the bug tracker, here's the first patch
used to allow specifying any value in addition to the time unit.
So for example, this allows:
"limit 400/3 minute" or "235kbytes/6 day"
The first patch applies to libnftnl to change the "get_unit" internal
method (this is re
Hi,
And here's the second patch to netfilter repository itself to add
support for time period in place of units.
This allows:
"limit 400/3 minute" or "235kbytes/6 day"
I think Pablo Neira Ayuso reviewed it in your bugzilla.
Best regards,
Cyril
0001-Add-support-for-specifying-period-of-limit
Our CI started failing this morning on a test that ensures nft is able
to load our generated ruleset (ex: `nft -f test.txt`). It was
definitely a surprise for us since we hadn't touched our ruleset
template in quite a while.
After doing a little bit of digging, it looks like Fedora upgraded
from
Fran Fitzpatrick wrote:
> Test Ruleset That Identified Error:
> https://gist.github.com/fxfitz/79e63794adab2bddb8b312a3ea7af401
>
> PoC Ruleset That Fails (compliments of Xiretza on Freenode):
> https://ptpb.pw/J-QK.nft
>
> Can anyone help with this?
Its a bug that is fixed in the master branch
Got it. Thanks for the fast reply, Florian! We'll keep an eye out for
the next release.
On Mon, Apr 30, 2018 at 9:48 AM, Florian Westphal wrote:
> Fran Fitzpatrick wrote:
>> Test Ruleset That Identified Error:
>> https://gist.github.com/fxfitz/79e63794adab2bddb8b312a3ea7af401
>>
>> PoC Ruleset T
2018-04-30 3:03 GMT+09:00 Florian Westphal :
> Taehee Yoo wrote:
>> This patch adds the new release callback to release resources
>> allocated in nft_expr_type->select_ops.
>> This release callback can be used by error path in the
>> nf_tables_newrule routine.
>> Only the select_ops of the nft_com
Florian,
> Its a bug that is fixed in the master branch of nftables.git on
netfilter.org,
Out of curiosity, do you have the commit for that so I could take a look?
Thanks!
On Mon, Apr 30, 2018 at 9:48 AM, Florian Westphal wrote:
> Fran Fitzpatrick wrote:
>> Test Ruleset That Identified Error:
Fran Fitzpatrick wrote:
> Florian,
>
> > Its a bug that is fixed in the master branch of nftables.git on
> netfilter.org,
>
> Out of curiosity, do you have the commit for that so I could take a look?
http://git.netfilter.org/nftables/commit/?id=bdc77c63d5816fd50ac5a353f6a37d9b6a410b2c
http://gi
Note that your kernel hits the:
inconsistent {HARDIRQ-ON-W} -> {IN-HARDIRQ-W} usage.
swapper/0/0 [HC1[1]:SC0[0]:HE0:SE1] takes:
(ptrval) (fs_reclaim){?.+.}, at: fs_reclaim_acquire+0x12/0x35
{HARDIRQ-ON-W} state was registered at:
fs_reclaim_acquire
Taehee Yoo wrote:
> In the second patch, you said that you can't reproduce this problem.
> If the nft_counter is unloaded, you can reproduce this problem.
> Could you please test this?
Ineed, that reproduces this.
I think what nft_compat.c is doing in select_ops() is illegal,
select_ops should no
Florian Westphal wrote:
> Taehee Yoo wrote:
> > In the second patch, you said that you can't reproduce this problem.
> > If the nft_counter is unloaded, you can reproduce this problem.
> > Could you please test this?
>
> Ineed, that reproduces this.
> I think what nft_compat.c is doing in select
13 matches
Mail list logo