From: Florian Westphal <fw@strlen.de>
To: netfilter-devel@vger.kernel.org
Subject: [PATCH 0/7 -next] rm tproxy_core, ct event redelivery via workqueue
Date: Mon, 29 Jul 2013 15:41:49 +0200 [thread overview]
Message-ID: <1375105316-13216-1-git-send-email-fw@strlen.de> (raw)
Hi Pablo,
The following contains a bunch of patches that id'like to see in -next tree.
The two tproxy patches remove the nf_tproxy_core module - the TPROXY
target is changed to use the generic sock_edemux destructor
(this is one reason for the negative diffstat).
The three conntrack patches are yet another attempt at removing
the extra ecache timer: It implements redelivery via delayed work item
- the advantage is that redelivery is now under scheduler control and
thus competes fairly with the userspace event consumers.
I got slightly better results than current master branch, and a
lot better results compared to the old "single timer" based patch.
Because nf_conntrack_netlink.c contains a bit of redundant code copied
from nf_conntrack_core I rebased the "cleanup" parts of your patch titled
"netfilter: nf_conntrack: fix race in timer handling with reliable events"
which is sitting in patchwork: http://patchwork.ozlabs.org/patch/180436/
If you prefer to forward-port the cleanup bits yourself jsut let me know
when you're finished an I will rebase my changes.
Patches will also be sent in reply to this email.
The following changes since commit 496e4ae7dc944faa1721bfda7e9d834d5611a874:
netfilter: nf_queue: add NFQA_SKB_CSUM_NOTVERIFIED info flag (2013-06-30 18:15:48 +0200)
are available in the git repository at:
git://chamillionaire.breakpoint.cc/fw/nf-next.git pull-20130729
Florian Westphal (7):
netfilter: connlabels: remove unneeded includes
netfilter: nf_queue: relax NFQA_CT attribute check
netfilter: tproxy: remove nf_tproxy_core module, keep tw sock assigned to skb
netfilter: tproxy: remove nf_tproxy_core.h
netfilter: conntrack: remove duplicate code in conntrack_netlink
netfilter: conntrack: don't send destroy events from iterator
netfilter: conntrack: remove timer from ecache extension
Documentation/networking/tproxy.txt | 5 +-
include/net/netfilter/nf_conntrack.h | 14 +-
include/net/netfilter/nf_conntrack_ecache.h | 9 +-
include/net/netfilter/nf_tproxy_core.h | 210 --------------------
include/net/netns/conntrack.h | 5 +-
include/uapi/linux/netfilter/nf_conntrack_common.h | 8 +-
net/ipv4/netfilter/ipt_MASQUERADE.c | 2 +-
net/ipv6/netfilter/ip6t_MASQUERADE.c | 2 +-
net/netfilter/Kconfig | 22 +--
net/netfilter/Makefile | 3 -
net/netfilter/nf_conntrack_core.c | 131 +++----------
net/netfilter/nf_conntrack_ecache.c | 63 +++++-
net/netfilter/nf_conntrack_labels.c | 4 -
net/netfilter/nf_conntrack_netlink.c | 18 +--
net/netfilter/nf_conntrack_proto.c | 4 +-
net/netfilter/nf_nat_core.c | 6 +-
net/netfilter/nf_tproxy_core.c | 62 ------
net/netfilter/nfnetlink_queue_core.c | 4 +-
net/netfilter/xt_TPROXY.c | 167 ++++++++++++++++-
net/netfilter/xt_socket.c | 66 ++++++-
20 files changed, 353 insertions(+), 452 deletions(-)
delete mode 100644 include/net/netfilter/nf_tproxy_core.h
delete mode 100644 net/netfilter/nf_tproxy_core.c
next reply other threads:[~2013-07-29 13:40 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-07-29 13:41 Florian Westphal [this message]
2013-07-29 13:41 ` [PATCH 1/7] netfilter: connlabels: remove unneeded includes Florian Westphal
2013-07-31 16:56 ` Pablo Neira Ayuso
2013-07-29 13:41 ` [PATCH 2/7] netfilter: nf_queue: relax NFQA_CT attribute check Florian Westphal
2013-07-31 16:56 ` Pablo Neira Ayuso
2013-07-29 13:41 ` [PATCH 3/7] netfilter: tproxy: remove nf_tproxy_core, keep tw sk assigned to skb Florian Westphal
2013-07-31 16:57 ` Pablo Neira Ayuso
2013-07-29 13:41 ` [PATCH 4/7] netfilter: tproxy: remove nf_tproxy_core.h Florian Westphal
2013-07-31 16:58 ` Pablo Neira Ayuso
2013-07-29 13:41 ` [PATCH 5/7] netfilter: conntrack: remove duplicate code in conntrack_netlink Florian Westphal
2013-07-31 16:58 ` Pablo Neira Ayuso
2013-07-29 13:41 ` [PATCH 6/7] netfilter: conntrack: don't send destroy events from iterator Florian Westphal
2013-07-31 17:04 ` Pablo Neira Ayuso
2013-07-31 20:43 ` Florian Westphal
2013-08-09 10:08 ` Pablo Neira Ayuso
2013-07-29 13:41 ` [PATCH 7/7] netfilter: conntrack: remove timer from ecache extension Florian Westphal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1375105316-13216-1-git-send-email-fw@strlen.de \
--to=fw@strlen.de \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.