From: Pablo Neira Ayuso <pablo@netfilter.org>
To: netfilter-devel@vger.kernel.org
Cc: davem@davemloft.net, netdev@vger.kernel.org
Subject: [PATCH 0/5] Netfilter fixes for net
Date: Tue, 4 Aug 2020 22:02:03 +0200 [thread overview]
Message-ID: <20200804200208.18620-1-pablo@netfilter.org> (raw)
Hi,
The following patchset contains Netfilter fixes for net:
1) Flush the cleanup xtables worker to make sure destructors
have completed, from Florian Westphal.
2) iifgroup is matching erroneously, also from Florian.
3) Add selftest for meta interface matching, from Florian Westphal.
4) Move nf_ct_offload_timeout() to header, from Roi Dayan.
5) Call nf_ct_offload_timeout() from flow_offload_add() to
make sure garbage collection does not evict offloaded flow,
from Roi Dayan.
Please, pull these changes from:
git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf.git
Thank you!
----------------------------------------------------------------
The following changes since commit 85496a29224188051b6135eb38da8afd4c584765:
net: gemini: Fix missing clk_disable_unprepare() in error path of gemini_ethernet_port_probe() (2020-07-30 17:45:13 -0700)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf.git HEAD
for you to fetch changes up to 4203b19c27967d9eff6928f6a733f81892ffc592:
netfilter: flowtable: Set offload timeout when adding flow (2020-08-03 12:37:24 +0200)
----------------------------------------------------------------
Florian Westphal (3):
netfilter: nft_compat: make sure xtables destructors have run
netfilter: nft_meta: fix iifgroup matching
selftests: netfilter: add meta iif/oif match test
Roi Dayan (2):
netfilter: conntrack: Move nf_ct_offload_timeout to header file
netfilter: flowtable: Set offload timeout when adding flow
include/net/netfilter/nf_conntrack.h | 12 +++
include/net/netfilter/nf_tables.h | 2 +
net/netfilter/nf_conntrack_core.c | 12 ---
net/netfilter/nf_flow_table_core.c | 2 +
net/netfilter/nf_tables_api.c | 10 ++-
net/netfilter/nft_compat.c | 36 +++++++-
net/netfilter/nft_meta.c | 2 +-
tools/testing/selftests/netfilter/Makefile | 2 +-
tools/testing/selftests/netfilter/nft_meta.sh | 124 ++++++++++++++++++++++++++
9 files changed, 182 insertions(+), 20 deletions(-)
create mode 100755 tools/testing/selftests/netfilter/nft_meta.sh
next reply other threads:[~2020-08-04 20:02 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-08-04 20:02 Pablo Neira Ayuso [this message]
2020-08-04 20:02 ` [PATCH 1/5] netfilter: nft_compat: make sure xtables destructors have run Pablo Neira Ayuso
2020-08-04 20:02 ` [PATCH 2/5] netfilter: nft_meta: fix iifgroup matching Pablo Neira Ayuso
2020-08-04 20:02 ` [PATCH 3/5] selftests: netfilter: add meta iif/oif match test Pablo Neira Ayuso
2020-08-04 20:02 ` [PATCH 4/5] netfilter: conntrack: Move nf_ct_offload_timeout to header file Pablo Neira Ayuso
2020-08-04 20:02 ` [PATCH 5/5] netfilter: flowtable: Set offload timeout when adding flow Pablo Neira Ayuso
2020-08-04 20:32 ` [PATCH 0/5] Netfilter fixes for net David Miller
-- strict thread matches above, loose matches on Subject: below --
2020-09-08 15:09 Pablo Neira Ayuso
2020-09-09 3:08 ` David Miller
2020-05-25 21:54 Pablo Neira Ayuso
2020-05-26 1:29 ` David Miller
2020-05-26 20:10 ` Pablo Neira Ayuso
2020-05-26 23:08 ` David Miller
2019-09-25 20:29 Pablo Neira Ayuso
2019-09-27 18:16 ` David Miller
2019-09-04 19:36 Pablo Neira Ayuso
2019-09-04 22:04 ` David Miller
2019-08-30 12:06 Pablo Neira Ayuso
2019-08-31 0:52 ` David Miller
2019-08-19 18:49 Pablo Neira Ayuso
2019-08-19 20:16 ` David Miller
2019-03-11 22:50 Pablo Neira Ayuso
2019-03-11 23:14 ` David Miller
2018-12-13 1:06 Pablo Neira Ayuso
2018-12-13 5:37 ` David Miller
2017-08-24 14:43 Pablo Neira Ayuso
2017-08-24 18:49 ` David Miller
2017-07-18 10:13 Pablo Neira Ayuso
2017-07-18 19:03 ` David Miller
2017-07-18 21:11 ` Florian Westphal
2017-07-18 21:54 ` David Miller
2015-08-10 17:58 Pablo Neira Ayuso
2015-08-11 4:08 ` David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200804200208.18620-1-pablo@netfilter.org \
--to=pablo@netfilter.org \
--cc=davem@davemloft.net \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).