From: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
To: netfilter-devel@vger.kernel.org
Cc: Patrick McHardy <kaber@trash.net>,
Pablo Neira Ayuso <pablo@netfilter.org>,
Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Subject: [PATCH 00/13] ipset kernel patches v2
Date: Fri, 21 Jan 2011 15:01:53 +0100 [thread overview]
Message-ID: <1295618527-9583-1-git-send-email-kadlec@blackhole.kfki.hu> (raw)
Hi,
Here follows the updated ipset kernel patches. The terse list of the changes is
- Fix trailing whitespaces and pr_* messages
- Un-inline functions which are not small enough
- Fix module loading at create/header commands
- Fix wrong kzalloc flag in type_pf_expire
- The get_ip*_port functions are too large to be inlined, moved into the core
- Add missing __GFP_HIGHMEM flag to __vmalloc
- Enforce network-ordered data in the netlink protocol
- Use annotated types and fix sparse warnings
- Move ip_set_alloc, ip_set_free and ip_set_get_ipaddr* into the core
- NETMASK*, HOSTMASK* macros are too generic, replace with inline functions
- Use static LIST_HEAD() for ip_set_type_list
- Move NLA_PUT_NET* macros to include/net/netlink.h
- The module parameter max_sets should be unsigned int
- Get rid of ip_set_kernel.h
- Fix the placement style of boolean operators at continued lines
Vast of the changes are based on Patrick's review. I did not introduce nla_strcmp
and nla_strlcpy in the ip_set_rename function, because nla_strcmp would be called
in a loop and that is not optimal. Eric suggested to use vzalloc instead of
__vmalloc, however the former hasn't got a gfp_t argument, so I kept __vmalloc.
Two bugs are fixed compared to the previous version: the module-autoloading
issue and the wrong kzalloc flag in type_pf_expire. Therefore I'll release
a new ipset package today too.
Best regards,
Jozsef
Jozsef Kadlecsik (13):
NFNL_SUBSYS_IPSET id and NLA_PUT_NET* macros
IP set core support
bitmap:ip set type support
bitmap:ip,mac type support
bitmap:port set type support
hash:ip set type support
hash:ip,port set type support
hash:ip,port,ip set type support
hash:ip,port,net set type support
hash:net set type support
hash:net,port set type support
list:set set type support
"set" match and "SET" target support
include/linux/netfilter/ipset/ip_set.h | 449 +++++++
include/linux/netfilter/ipset/ip_set_ahash.h | 1074 ++++++++++++++++
include/linux/netfilter/ipset/ip_set_bitmap.h | 31 +
include/linux/netfilter/ipset/ip_set_getport.h | 11 +
include/linux/netfilter/ipset/ip_set_hash.h | 26 +
include/linux/netfilter/ipset/ip_set_list.h | 27 +
include/linux/netfilter/ipset/ip_set_timeout.h | 127 ++
include/linux/netfilter/ipset/pfxlen.h | 35 +
include/linux/netfilter/nfnetlink.h | 3 +-
include/linux/netfilter/xt_set.h | 55 +
include/net/netlink.h | 9 +
net/netfilter/Kconfig | 14 +
net/netfilter/Makefile | 4 +
net/netfilter/ipset/Kconfig | 121 ++
net/netfilter/ipset/Makefile | 24 +
net/netfilter/ipset/ip_set_bitmap_ip.c | 732 +++++++++++
net/netfilter/ipset/ip_set_bitmap_ipmac.c | 666 ++++++++++
net/netfilter/ipset/ip_set_bitmap_port.c | 649 ++++++++++
net/netfilter/ipset/ip_set_core.c | 1620 ++++++++++++++++++++++++
net/netfilter/ipset/ip_set_getport.c | 135 ++
net/netfilter/ipset/ip_set_hash_ip.c | 484 +++++++
net/netfilter/ipset/ip_set_hash_ipport.c | 565 +++++++++
net/netfilter/ipset/ip_set_hash_ipportip.c | 584 +++++++++
net/netfilter/ipset/ip_set_hash_ipportnet.c | 650 ++++++++++
net/netfilter/ipset/ip_set_hash_net.c | 480 +++++++
net/netfilter/ipset/ip_set_hash_netport.c | 601 +++++++++
net/netfilter/ipset/ip_set_list_set.c | 594 +++++++++
net/netfilter/ipset/pfxlen.c | 291 +++++
net/netfilter/xt_set.c | 370 ++++++
29 files changed, 10430 insertions(+), 1 deletions(-)
create mode 100644 include/linux/netfilter/ipset/ip_set.h
create mode 100644 include/linux/netfilter/ipset/ip_set_ahash.h
create mode 100644 include/linux/netfilter/ipset/ip_set_bitmap.h
create mode 100644 include/linux/netfilter/ipset/ip_set_getport.h
create mode 100644 include/linux/netfilter/ipset/ip_set_hash.h
create mode 100644 include/linux/netfilter/ipset/ip_set_list.h
create mode 100644 include/linux/netfilter/ipset/ip_set_timeout.h
create mode 100644 include/linux/netfilter/ipset/pfxlen.h
create mode 100644 include/linux/netfilter/xt_set.h
create mode 100644 net/netfilter/ipset/Kconfig
create mode 100644 net/netfilter/ipset/Makefile
create mode 100644 net/netfilter/ipset/ip_set_bitmap_ip.c
create mode 100644 net/netfilter/ipset/ip_set_bitmap_ipmac.c
create mode 100644 net/netfilter/ipset/ip_set_bitmap_port.c
create mode 100644 net/netfilter/ipset/ip_set_core.c
create mode 100644 net/netfilter/ipset/ip_set_getport.c
create mode 100644 net/netfilter/ipset/ip_set_hash_ip.c
create mode 100644 net/netfilter/ipset/ip_set_hash_ipport.c
create mode 100644 net/netfilter/ipset/ip_set_hash_ipportip.c
create mode 100644 net/netfilter/ipset/ip_set_hash_ipportnet.c
create mode 100644 net/netfilter/ipset/ip_set_hash_net.c
create mode 100644 net/netfilter/ipset/ip_set_hash_netport.c
create mode 100644 net/netfilter/ipset/ip_set_list_set.c
create mode 100644 net/netfilter/ipset/pfxlen.c
create mode 100644 net/netfilter/xt_set.c
next reply other threads:[~2011-01-21 14:02 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-01-21 14:01 Jozsef Kadlecsik [this message]
2011-01-21 14:01 ` [PATCH 01/13] NFNL_SUBSYS_IPSET id and NLA_PUT_NET* macros Jozsef Kadlecsik
2011-01-21 14:01 ` [PATCH 02/13] IP set core support Jozsef Kadlecsik
2011-01-21 14:01 ` [PATCH 03/13] bitmap:ip set type support Jozsef Kadlecsik
2011-01-21 14:01 ` [PATCH 04/13] bitmap:ip,mac " Jozsef Kadlecsik
2011-01-21 14:01 ` [PATCH 05/13] bitmap:port set " Jozsef Kadlecsik
2011-01-21 14:01 ` [PATCH 06/13] hash:ip " Jozsef Kadlecsik
2011-01-21 14:02 ` [PATCH 07/13] hash:ip,port " Jozsef Kadlecsik
2011-01-21 14:02 ` [PATCH 08/13] hash:ip,port,ip " Jozsef Kadlecsik
2011-01-21 14:02 ` [PATCH 09/13] hash:ip,port,net " Jozsef Kadlecsik
2011-01-21 14:02 ` [PATCH 10/13] hash:net " Jozsef Kadlecsik
2011-01-21 14:02 ` [PATCH 11/13] hash:net,port " Jozsef Kadlecsik
2011-01-21 14:02 ` [PATCH 12/13] list:set " Jozsef Kadlecsik
2011-01-21 14:02 ` [PATCH 13/13] "set" match and "SET" target support Jozsef Kadlecsik
2011-01-25 15:18 ` Patrick McHardy
2011-01-25 21:40 ` Jozsef Kadlecsik
2011-01-25 15:05 ` [PATCH 03/13] bitmap:ip set type support Patrick McHardy
2011-01-25 21:34 ` Jozsef Kadlecsik
2011-01-27 9:06 ` Jozsef Kadlecsik
2011-01-27 9:08 ` Patrick McHardy
2011-01-21 21:39 ` [PATCH 02/13] IP set core support Jozsef Kadlecsik
2011-01-25 14:47 ` Patrick McHardy
2011-01-25 21:23 ` Jozsef Kadlecsik
2011-01-26 11:57 ` Patrick McHardy
2011-01-26 11:57 ` Patrick McHardy
2011-01-25 15:06 ` Patrick McHardy
2011-01-25 21:28 ` Jozsef Kadlecsik
2011-01-27 8:58 ` Jozsef Kadlecsik
2011-01-25 15:38 ` [PATCH 00/13] ipset kernel patches v2 Patrick McHardy
2011-01-25 21:41 ` Jozsef Kadlecsik
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1295618527-9583-1-git-send-email-kadlec@blackhole.kfki.hu \
--to=kadlec@blackhole.kfki.hu \
--cc=kaber@trash.net \
--cc=netfilter-devel@vger.kernel.org \
--cc=pablo@netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.