* iptables release @ 2007-11-27 16:52 Patrick McHardy 2007-11-27 18:57 ` Jan Engelhardt ` (4 more replies) 0 siblings, 5 replies; 30+ messages in thread From: Patrick McHardy @ 2007-11-27 16:52 UTC (permalink / raw) To: Netfilter Core Team; +Cc: Netfilter Development Mailinglist I have a large number of pending patches for iptables for new matches and targets. I'm not going apply patches for new things unless they are at least in a -rc kernel, so we have a chance to fix mistakes. So my question is whether we're ready to release the current iptables -rc anytime soon (before/when 2.6.24 is released) or whether we're more likely going to need until 2.6.25, in which case I would apply them now. Any opinions? ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: iptables release 2007-11-27 16:52 iptables release Patrick McHardy @ 2007-11-27 18:57 ` Jan Engelhardt 2007-11-27 19:04 ` Patrick McHardy 2007-11-27 21:58 ` Jesper Dangaard Brouer ` (3 subsequent siblings) 4 siblings, 1 reply; 30+ messages in thread From: Jan Engelhardt @ 2007-11-27 18:57 UTC (permalink / raw) To: Patrick McHardy; +Cc: Netfilter Core Team, Netfilter Development Mailinglist On Nov 27 2007 17:52, Patrick McHardy wrote: > > I have a large number of pending patches for iptables for new > matches and targets. I'm not going apply patches for new things > unless they are at least in a -rc kernel, so we have a chance to > fix mistakes. So my question is whether we're ready to release > the current iptables -rc anytime soon (before/when 2.6.24 is > released) or whether we're more likely going to need until 2.6.25, > in which case I would apply them now. > > Any opinions? Apply now, make an rc2 (maybe?), apply more gems (coming), target 2.6.25, be done :-) ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: iptables release 2007-11-27 18:57 ` Jan Engelhardt @ 2007-11-27 19:04 ` Patrick McHardy 2007-11-28 17:49 ` Jan Engelhardt 0 siblings, 1 reply; 30+ messages in thread From: Patrick McHardy @ 2007-11-27 19:04 UTC (permalink / raw) To: Jan Engelhardt; +Cc: Netfilter Core Team, Netfilter Development Mailinglist Jan Engelhardt wrote: > On Nov 27 2007 17:52, Patrick McHardy wrote: >> I have a large number of pending patches for iptables for new >> matches and targets. I'm not going apply patches for new things >> unless they are at least in a -rc kernel, so we have a chance to >> fix mistakes. So my question is whether we're ready to release >> the current iptables -rc anytime soon (before/when 2.6.24 is >> released) or whether we're more likely going to need until 2.6.25, >> in which case I would apply them now. >> >> Any opinions? > > Apply now, make an rc2 (maybe?), > apply more gems (coming), target 2.6.25, > be done :-) I'm aiming for one release per kernel release to get new stuff out in time for testing. Unfortunately we're already way behind, so I'd prefer an earlier release than 2.6.25. My feeling is that the current -rc works well, so if nobody is aware of any big issues, I think we should release the current version in a few weeks when 2.6.24 comes out. ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: iptables release 2007-11-27 19:04 ` Patrick McHardy @ 2007-11-28 17:49 ` Jan Engelhardt 0 siblings, 0 replies; 30+ messages in thread From: Jan Engelhardt @ 2007-11-28 17:49 UTC (permalink / raw) To: Patrick McHardy; +Cc: Netfilter Core Team, Netfilter Development Mailinglist On Nov 27 2007 20:04, Patrick McHardy wrote: > Jan Engelhardt wrote: >> On Nov 27 2007 17:52, Patrick McHardy wrote: >> > I have a large number of pending patches for iptables for new >> > matches and targets. I'm not going apply patches for new things >> > unless they are at least in a -rc kernel, so we have a chance to >> > fix mistakes. So my question is whether we're ready to release >> > the current iptables -rc anytime soon (before/when 2.6.24 is >> > released) or whether we're more likely going to need until 2.6.25, >> > in which case I would apply them now. >> > >> > Any opinions? >> >> Apply now, make an rc2 (maybe?), >> apply more gems (coming), target 2.6.25, >> be done :-) > > I'm aiming for one release per kernel release to get new stuff > out in time for testing. Unfortunately we're already way behind, > so I'd prefer an earlier release than 2.6.25. My feeling is that > the current -rc works well, so if nobody is aware of any big > issues, I think we should release the current version in a few > weeks when 2.6.24 comes out. > I have pushed out (as patches) everything I wanted to, so it is now up to you what to cherry-pick. The autoconf one might get a little last tweaking once the .*-test situation is clear. I'd just import ipt_condition.h and so to fix it. ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: iptables release 2007-11-27 16:52 iptables release Patrick McHardy 2007-11-27 18:57 ` Jan Engelhardt @ 2007-11-27 21:58 ` Jesper Dangaard Brouer 2007-11-28 8:30 ` Patrick McHardy 2007-11-29 2:49 ` Yasuyuki KOZAKAI ` (2 subsequent siblings) 4 siblings, 1 reply; 30+ messages in thread From: Jesper Dangaard Brouer @ 2007-11-27 21:58 UTC (permalink / raw) To: Patrick McHardy; +Cc: Netfilter Core Team, Netfilter Development Mailinglist On Tue, 27 Nov 2007, Patrick McHardy wrote: > I have a large number of pending patches for iptables for new > matches and targets. I'm not going apply patches for new things > unless they are at least in a -rc kernel, so we have a chance to > fix mistakes. So my question is whether we're ready to release > the current iptables -rc anytime soon (before/when 2.6.24 is > released) or whether we're more likely going to need until 2.6.25, > in which case I would apply them now. What about my performance/scalability patches, do I need to wait another kernel cycle to see them released? I think that, at least patch 1/2 should be applied, as its a obvious fix. For at patch 2/2, I would like some comments on the type casting, e.g. if it will work on all platforms e.g. 64-bit. I'm also working on a faster chain list search (because listing all rules still takes 17 sec on production server with patches applied). That patch should, settle a bit in SVN before released. Note, right now I have some spare time to work on iptables, in a week I don't. Please give me some feedback on the patches. Hilsen Jesper Brouer -- ------------------------------------------------------------------- MSc. Master of Computer Science Dept. of Computer Science, University of Copenhagen Author of http://www.adsl-optimizer.dk ------------------------------------------------------------------- ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: iptables release 2007-11-27 21:58 ` Jesper Dangaard Brouer @ 2007-11-28 8:30 ` Patrick McHardy 0 siblings, 0 replies; 30+ messages in thread From: Patrick McHardy @ 2007-11-28 8:30 UTC (permalink / raw) To: Jesper Dangaard Brouer Cc: Netfilter Core Team, Netfilter Development Mailinglist Jesper Dangaard Brouer wrote: > On Tue, 27 Nov 2007, Patrick McHardy wrote: > >> I have a large number of pending patches for iptables for new >> matches and targets. I'm not going apply patches for new things >> unless they are at least in a -rc kernel, so we have a chance to >> fix mistakes. So my question is whether we're ready to release >> the current iptables -rc anytime soon (before/when 2.6.24 is >> released) or whether we're more likely going to need until 2.6.25, >> in which case I would apply them now. > > What about my performance/scalability patches, do I need to wait another > kernel cycle to see them released? > > I think that, at least patch 1/2 should be applied, as its a obvious fix. Yes, the first one is obviously fine. I'm going to apply it now. > For at patch 2/2, I would like some comments on the type casting, e.g. > if it will work on all platforms e.g. 64-bit. I'll have a closer look. ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: iptables release 2007-11-27 16:52 iptables release Patrick McHardy 2007-11-27 18:57 ` Jan Engelhardt 2007-11-27 21:58 ` Jesper Dangaard Brouer @ 2007-11-29 2:49 ` Yasuyuki KOZAKAI 2007-11-29 6:00 ` Yasuyuki KOZAKAI [not found] ` <200711290249.lAT2nkEr004081@toshiba.co.jp> 2007-11-29 17:46 ` [netfilter-core] " Harald Welte 4 siblings, 1 reply; 30+ messages in thread From: Yasuyuki KOZAKAI @ 2007-11-29 2:49 UTC (permalink / raw) To: kaber; +Cc: coreteam, netfilter-devel From: Patrick McHardy <kaber@trash.net> Date: Tue, 27 Nov 2007 17:52:55 +0100 > I have a large number of pending patches for iptables for new > matches and targets. I'm not going apply patches for new things > unless they are at least in a -rc kernel, so we have a chance to > fix mistakes. So my question is whether we're ready to release > the current iptables -rc anytime soon (before/when 2.6.24 is > released) or whether we're more likely going to need until 2.6.25, > in which case I would apply them now. > > Any opinions? Please wait a few hours at least to release iptables. Just after sending this mail, I'll moves some libipt_*.man to libxt_*.man and remove libip6t_state.c which I forgot to remove. -- Yasuyuki Kozakai ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: iptables release 2007-11-29 2:49 ` Yasuyuki KOZAKAI @ 2007-11-29 6:00 ` Yasuyuki KOZAKAI 0 siblings, 0 replies; 30+ messages in thread From: Yasuyuki KOZAKAI @ 2007-11-29 6:00 UTC (permalink / raw) To: yasuyuki.kozakai; +Cc: kaber, coreteam, netfilter-devel Hi, Patrick, From: Yasuyuki KOZAKAI <yasuyuki.kozakai@toshiba.co.jp> > Please wait a few hours at least to release iptables. Just after sending > this mail, I'll moves some libipt_*.man to libxt_*.man and remove > libip6t_state.c which I forgot to remove. Done. - I've moved following libipt_*.man to libxt_*.man where libxt_*.c. exists and libip6t_*.man does not exist. CLASSIFY, CONNMARK, CONNSECMARK, DSCP, NOTRACK, comment, connbytes, connmark, dccp, dscp, hashlimit, helper, pkttype, quota, sctp, state, string, tcpmss - I've unified libipt_*.man and libip6t_*.man into libxt_*.man where they have no difference and libxt_*.c exists. NFQUEUE, SECMARK, esp, limit, mac, mark, physdev, udp - I've removed libip6t_state.c and libip6t_u32.man. libxt_* for them exist. - I've fixed typo in extensions/Makefile as follows. Now selinux related modules would be correctly build by DO_SELINUX=1. Index: extensions/Makefile =================================================================== --- extensions/Makefile (revision 7127) +++ extensions/Makefile (revision 7128) @@ -15,8 +15,8 @@ ifeq ($(DO_SELINUX), 1) PF_EXT_SE_SLIB:=$(PF_EXT_SELINUX_SLIB) -PF6_EXT_SE_SLIB:=$(PF_EXT_SELINUX_SLIB) -PFX_EXT_SE_SLIB:=$(PF_EXT_SELINUX_SLIB) +PF6_EXT_SE_SLIB:=$(PF6_EXT_SELINUX_SLIB) +PFX_EXT_SE_SLIB:=$(PFX_EXT_SELINUX_SLIB) endif # Optionals Regards, -- Yasuyuki Kozakai ^ permalink raw reply [flat|nested] 30+ messages in thread
[parent not found: <200711290249.lAT2nkEr004081@toshiba.co.jp>]
* Re: iptables release [not found] ` <200711290249.lAT2nkEr004081@toshiba.co.jp> @ 2007-11-29 7:02 ` Patrick McHardy 2007-11-29 8:01 ` Yasuyuki KOZAKAI 2007-11-29 20:46 ` Jesper Dangaard Brouer 0 siblings, 2 replies; 30+ messages in thread From: Patrick McHardy @ 2007-11-29 7:02 UTC (permalink / raw) To: Yasuyuki KOZAKAI; +Cc: coreteam, netfilter-devel Yasuyuki KOZAKAI wrote: > From: Patrick McHardy <kaber@trash.net> > Date: Tue, 27 Nov 2007 17:52:55 +0100 > >> I have a large number of pending patches for iptables for new >> matches and targets. I'm not going apply patches for new things >> unless they are at least in a -rc kernel, so we have a chance to >> fix mistakes. So my question is whether we're ready to release >> the current iptables -rc anytime soon (before/when 2.6.24 is >> released) or whether we're more likely going to need until 2.6.25, >> in which case I would apply them now. >> >> Any opinions? > > Please wait a few hours at least to release iptables. Just after sending > this mail, I'll moves some libipt_*.man to libxt_*.man and remove > libip6t_state.c which I forgot to remove. Don't worry, I think releasing in time for 2.6.24 would be enough. BTW, judging by your last batch of xtables patches you seem to have managed to import the netfilter SVN in git. I keep getting errors related to paths: $ git-svnimport -v -C nf.git http://svn.netfilter.org/netfilter Initialized empty Git repository in /tmp/nf.git/.git/ 1: Unrecognized path: /patch-o-matic-ng/trunk/pptp-conntrack-nat/linux/include/linux/netfilter_ipv4/ip_nat_pptp.h 1: Unrecognized path: /patch-o-matic-ng/trunk/pptp-conntrack-nat/help 1: Unrecognized path: /patch-o-matic-ng/trunk/pptp-conntrack-nat/linux/include/linux/netfilter_ipv4/ip_conntrack_pptp.h It seems it switches the first directory and "trunk". Did you use git-svnimport or just git-svn for importing? ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: iptables release 2007-11-29 7:02 ` Patrick McHardy @ 2007-11-29 8:01 ` Yasuyuki KOZAKAI 2007-11-29 8:10 ` Jan Engelhardt 2007-11-29 20:46 ` Jesper Dangaard Brouer 1 sibling, 1 reply; 30+ messages in thread From: Yasuyuki KOZAKAI @ 2007-11-29 8:01 UTC (permalink / raw) To: kaber; +Cc: yasuyuki.kozakai, coreteam, netfilter-devel From: Patrick McHardy <kaber@trash.net> > Don't worry, I think releasing in time for 2.6.24 would be enough. Thanks. > BTW, judging by your last batch of xtables patches you seem to have > managed to import the netfilter SVN in git. I keep getting errors > related to paths: > > $ git-svnimport -v -C nf.git http://svn.netfilter.org/netfilter > Initialized empty Git repository in /tmp/nf.git/.git/ > 1: Unrecognized path: > /patch-o-matic-ng/trunk/pptp-conntrack-nat/linux/include/linux/netfilter_ipv4/ip_nat_pptp.h > 1: Unrecognized path: /patch-o-matic-ng/trunk/pptp-conntrack-nat/help > 1: Unrecognized path: > /patch-o-matic-ng/trunk/pptp-conntrack-nat/linux/include/linux/netfilter_ipv4/ip_conntrack_pptp.h > > It seems it switches the first directory and "trunk". Did you use > git-svnimport or just git-svn for importing? Actually, I have not succeeded to manage them. I manually do 'svn update' on master branch on local git tree and commits updates, and create new branch on git tree for my development. -- Yasuyuki Kozakai ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: iptables release 2007-11-29 8:01 ` Yasuyuki KOZAKAI @ 2007-11-29 8:10 ` Jan Engelhardt 2007-11-29 8:27 ` Patrick McHardy 0 siblings, 1 reply; 30+ messages in thread From: Jan Engelhardt @ 2007-11-29 8:10 UTC (permalink / raw) To: Yasuyuki KOZAKAI; +Cc: kaber, coreteam, netfilter-devel On Nov 29 2007 17:01, Yasuyuki KOZAKAI wrote: > >> BTW, judging by your last batch of xtables patches you seem to have >> managed to import the netfilter SVN in git. I keep getting errors >> related to paths: >> >> $ git-svnimport -v -C nf.git http://svn.netfilter.org/netfilter >> Initialized empty Git repository in /tmp/nf.git/.git/ >> 1: Unrecognized path: >> /patch-o-matic-ng/trunk/pptp-conntrack-nat/linux/include/linux/netfilter_ipv4/ip_nat_pptp.h >> 1: Unrecognized path: /patch-o-matic-ng/trunk/pptp-conntrack-nat/help >> 1: Unrecognized path: >> /patch-o-matic-ng/trunk/pptp-conntrack-nat/linux/include/linux/netfilter_ipv4/ip_conntrack_pptp.h >> >> It seems it switches the first directory and "trunk". Did you use >> git-svnimport or just git-svn for importing? > >Actually, I have not succeeded to manage them. I manually do 'svn update' >on master branch on local git tree and commits updates, and create new branch >on git tree for my development. > Also, there is no indication that a move was done (e.g. r7117) but instead a hand copy. I prefer using native svn, or switching to git entirely. ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: iptables release 2007-11-29 8:10 ` Jan Engelhardt @ 2007-11-29 8:27 ` Patrick McHardy 2007-11-29 8:47 ` Jan Engelhardt 0 siblings, 1 reply; 30+ messages in thread From: Patrick McHardy @ 2007-11-29 8:27 UTC (permalink / raw) To: Jan Engelhardt; +Cc: Yasuyuki KOZAKAI, coreteam, netfilter-devel Jan Engelhardt wrote: > On Nov 29 2007 17:01, Yasuyuki KOZAKAI wrote: >>> BTW, judging by your last batch of xtables patches you seem to have >>> managed to import the netfilter SVN in git. I keep getting errors >>> related to paths: >>> >>> $ git-svnimport -v -C nf.git http://svn.netfilter.org/netfilter >>> Initialized empty Git repository in /tmp/nf.git/.git/ >>> 1: Unrecognized path: >>> /patch-o-matic-ng/trunk/pptp-conntrack-nat/linux/include/linux/netfilter_ipv4/ip_nat_pptp.h >>> 1: Unrecognized path: /patch-o-matic-ng/trunk/pptp-conntrack-nat/help >>> 1: Unrecognized path: >>> /patch-o-matic-ng/trunk/pptp-conntrack-nat/linux/include/linux/netfilter_ipv4/ip_conntrack_pptp.h >>> >>> It seems it switches the first directory and "trunk". Did you use >>> git-svnimport or just git-svn for importing? >> Actually, I have not succeeded to manage them. I manually do 'svn update' >> on master branch on local git tree and commits updates, and create new branch >> on git tree for my development. >> > Also, there is no indication that a move was done (e.g. r7117) but instead > a hand copy. I prefer using native svn, or switching to git entirely. I want to switch entirely, but first I have to manage to import the repository :) ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: iptables release 2007-11-29 8:27 ` Patrick McHardy @ 2007-11-29 8:47 ` Jan Engelhardt 2007-11-29 9:07 ` Jan Engelhardt 0 siblings, 1 reply; 30+ messages in thread From: Jan Engelhardt @ 2007-11-29 8:47 UTC (permalink / raw) To: Patrick McHardy; +Cc: Yasuyuki KOZAKAI, coreteam, netfilter-devel On Nov 29 2007 09:27, Patrick McHardy wrote: > Jan Engelhardt wrote: >> On Nov 29 2007 17:01, Yasuyuki KOZAKAI wrote: >> > > >> > > $ git-svnimport -v -C nf.git http://svn.netfilter.org/netfilter > I want to switch entirely, but first I have to manage to import the > repository :) > The problem is you have a non-trivial repository layout, so using above's git-svnimport is likely to be not enough. ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: iptables release 2007-11-29 8:47 ` Jan Engelhardt @ 2007-11-29 9:07 ` Jan Engelhardt 2007-11-29 9:13 ` Patrick McHardy 0 siblings, 1 reply; 30+ messages in thread From: Jan Engelhardt @ 2007-11-29 9:07 UTC (permalink / raw) To: Patrick McHardy; +Cc: Yasuyuki KOZAKAI, coreteam, netfilter-devel On Nov 29 2007 09:47, Jan Engelhardt wrote: >On Nov 29 2007 09:27, Patrick McHardy wrote: >> Jan Engelhardt wrote: >>> On Nov 29 2007 17:01, Yasuyuki KOZAKAI wrote: >>> > > >>> > > $ git-svnimport -v -C nf.git http://svn.netfilter.org/netfilter >> I want to switch entirely, but first I have to manage to import the >> repository :) >> >The problem is you have a non-trivial repository layout, so >using above's git-svnimport is likely to be not enough. Also, there currently exist /trunk/PROJECTNAME. If that were to be imported into git, I would not be sure whether you can tag single projects like in svn .. in git it seems like just the whole tree. Trying to tag v1.4.0 would then also include libnfconntrack and friends in the tag - not good. ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: iptables release 2007-11-29 9:07 ` Jan Engelhardt @ 2007-11-29 9:13 ` Patrick McHardy 2007-11-29 9:19 ` Jan Engelhardt 0 siblings, 1 reply; 30+ messages in thread From: Patrick McHardy @ 2007-11-29 9:13 UTC (permalink / raw) To: Jan Engelhardt; +Cc: Yasuyuki KOZAKAI, coreteam, netfilter-devel Jan Engelhardt wrote: > On Nov 29 2007 09:47, Jan Engelhardt wrote: >> On Nov 29 2007 09:27, Patrick McHardy wrote: >>> Jan Engelhardt wrote: >>>> On Nov 29 2007 17:01, Yasuyuki KOZAKAI wrote: >>>>>> $ git-svnimport -v -C nf.git http://svn.netfilter.org/netfilter >>> I want to switch entirely, but first I have to manage to import the >>> repository :) >>> >> The problem is you have a non-trivial repository layout, so >> using above's git-svnimport is likely to be not enough. > > Also, there currently exist /trunk/PROJECTNAME. If that were to be > imported into git, I would not be sure whether you can tag single > projects like in svn .. in git it seems like just the whole tree. > Trying to tag v1.4.0 would then also include libnfconntrack and > friends in the tag - not good. We could use sepate git repositories for that, shouldn't be a big problem. ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: iptables release 2007-11-29 9:13 ` Patrick McHardy @ 2007-11-29 9:19 ` Jan Engelhardt 2007-11-29 9:25 ` Patrick McHardy 0 siblings, 1 reply; 30+ messages in thread From: Jan Engelhardt @ 2007-11-29 9:19 UTC (permalink / raw) To: Patrick McHardy; +Cc: Yasuyuki KOZAKAI, coreteam, netfilter-devel On Nov 29 2007 10:13, Patrick McHardy wrote: >> >> Also, there currently exist /trunk/PROJECTNAME. If that were to be >> imported into git, I would not be sure whether you can tag single >> projects like in svn .. in git it seems like just the whole tree. >> Trying to tag v1.4.0 would then also include libnfconntrack and >> friends in the tag - not good. > > > We could use sepate git repositories for that, shouldn't be > a big problem. > Just start a new git repo without importing anything. ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: iptables release 2007-11-29 9:19 ` Jan Engelhardt @ 2007-11-29 9:25 ` Patrick McHardy 0 siblings, 0 replies; 30+ messages in thread From: Patrick McHardy @ 2007-11-29 9:25 UTC (permalink / raw) To: Jan Engelhardt; +Cc: Yasuyuki KOZAKAI, coreteam, netfilter-devel Jan Engelhardt wrote: > On Nov 29 2007 10:13, Patrick McHardy wrote: >>> Also, there currently exist /trunk/PROJECTNAME. If that were to be >>> imported into git, I would not be sure whether you can tag single >>> projects like in svn .. in git it seems like just the whole tree. >>> Trying to tag v1.4.0 would then also include libnfconntrack and >>> friends in the tag - not good. >> >> We could use sepate git repositories for that, shouldn't be >> a big problem. >> > > Just start a new git repo without importing anything. No, I want to keep the history. ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: iptables release 2007-11-29 7:02 ` Patrick McHardy 2007-11-29 8:01 ` Yasuyuki KOZAKAI @ 2007-11-29 20:46 ` Jesper Dangaard Brouer 2007-11-29 20:52 ` Patrick McHardy 1 sibling, 1 reply; 30+ messages in thread From: Jesper Dangaard Brouer @ 2007-11-29 20:46 UTC (permalink / raw) To: Patrick McHardy; +Cc: Netfilter Developers On Thu, 29 Nov 2007, Patrick McHardy wrote: > > It seems it switches the first directory and "trunk". Did you use > git-svnimport or just git-svn for importing? I use "git-svn": git-svn clone https://svn.netfilter.org/netfilter/ -T trunk -b branches -t tags And I had to update git to a newer version (1.5.3 than debians 1.4.4) to make it work. Still, I don't think it got the tags and branches right, because .git/refs/tags is empty. And it only gets log history back from revision 3070 (thats where a "new global trunk directory" were created). When I want to sync with SVN I do: git-checkout master git-svn fetch git-svn rebase To get one of my work branches up to sync I do a git rebase: git-checkout perf_work1 git rebase master Hilsen Jesper Brouer -- ------------------------------------------------------------------- MSc. Master of Computer Science Dept. of Computer Science, University of Copenhagen Author of http://www.adsl-optimizer.dk ------------------------------------------------------------------- ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: iptables release 2007-11-29 20:46 ` Jesper Dangaard Brouer @ 2007-11-29 20:52 ` Patrick McHardy 2007-11-29 21:05 ` Jan Engelhardt 0 siblings, 1 reply; 30+ messages in thread From: Patrick McHardy @ 2007-11-29 20:52 UTC (permalink / raw) To: Jesper Dangaard Brouer; +Cc: Netfilter Developers Jesper Dangaard Brouer wrote: > > On Thu, 29 Nov 2007, Patrick McHardy wrote: >> >> It seems it switches the first directory and "trunk". Did you use >> git-svnimport or just git-svn for importing? > > I use "git-svn": > git-svn clone https://svn.netfilter.org/netfilter/ -T trunk -b > branches -t tags > > And I had to update git to a newer version (1.5.3 than debians 1.4.4) > to make it work. > > Still, I don't think it got the tags and branches right, because > .git/refs/tags is empty. And it only gets log history back from > revision 3070 (thats where a "new global trunk directory" were created). > > When I want to sync with SVN I do: > > git-checkout master > git-svn fetch > git-svn rebase > > To get one of my work branches up to sync I do a git rebase: > > git-checkout perf_work1 > git rebase master Yeah, that works for importing the head and keeping in sync, but it doesn't work for importing the entire repository with branches and history according to the manpage. Still useful since I hate SVN about as much as CVS :) ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: iptables release 2007-11-29 20:52 ` Patrick McHardy @ 2007-11-29 21:05 ` Jan Engelhardt 2007-11-29 21:37 ` Patrick McHardy 0 siblings, 1 reply; 30+ messages in thread From: Jan Engelhardt @ 2007-11-29 21:05 UTC (permalink / raw) To: Patrick McHardy; +Cc: Jesper Dangaard Brouer, Netfilter Developers On Nov 29 2007 21:52, Patrick McHardy wrote: >> >> git-checkout master >> git-svn fetch >> git-svn rebase >> >> To get one of my work branches up to sync I do a git rebase: >> >> git-checkout perf_work1 >> git rebase master > > Yeah, that works for importing the head and keeping in sync, > but it doesn't work for importing the entire repository with > branches and history according to the manpage. Still useful > since I hate SVN about as much as CVS :) If you are willing to reorder the SVN tree, that may make git more happy. ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: iptables release 2007-11-29 21:05 ` Jan Engelhardt @ 2007-11-29 21:37 ` Patrick McHardy 2007-11-30 17:37 ` Yasuyuki KOZAKAI [not found] ` <200711301737.lAUHbXWh002545@toshiba.co.jp> 0 siblings, 2 replies; 30+ messages in thread From: Patrick McHardy @ 2007-11-29 21:37 UTC (permalink / raw) To: Jan Engelhardt; +Cc: Jesper Dangaard Brouer, Netfilter Developers Jan Engelhardt wrote: > On Nov 29 2007 21:52, Patrick McHardy wrote: > >>> git-checkout master >>> git-svn fetch >>> git-svn rebase >>> >>> To get one of my work branches up to sync I do a git rebase: >>> >>> git-checkout perf_work1 >>> git rebase master >>> >> Yeah, that works for importing the head and keeping in sync, >> but it doesn't work for importing the entire repository with >> branches and history according to the manpage. Still useful >> since I hate SVN about as much as CVS :) >> > > If you are willing to reorder the SVN tree, that may make git > more happy. I think its more a SVN misconfiguration. git-svnimport looks for (example) iptables/trunk, but its trunk/iptables. Couldn't find out where the misconfiguration is though. ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: iptables release 2007-11-29 21:37 ` Patrick McHardy @ 2007-11-30 17:37 ` Yasuyuki KOZAKAI [not found] ` <200711301737.lAUHbXWh002545@toshiba.co.jp> 1 sibling, 0 replies; 30+ messages in thread From: Yasuyuki KOZAKAI @ 2007-11-30 17:37 UTC (permalink / raw) To: kaber; +Cc: jengelh, hawk, netfilter-devel Hi, I'm not sure that I could get all changeset of iptables, but anyway I put iptables.git at rsync://people.netfilter.org/users/yasuyuki/git/iptables.git Please note that many released iptables which can be downloaded from http://www.netfilter.org/projects/iptables/downloads.html are not identical to each svn tags. So please don't mind even if no git commit matches the archives. I didn't import svn branches and tags by git-svnimport, because sometimes doing that broke 'origin' git branch, and I saw that some svn tags were not identical to any revision of svn turnk. I can create git branches to keep svn tags and released iptables sources, if people want. The followings are logs of many troubles... ** Notable history of iptables svn tree By the revision 702, svn.netfilter.org/netfilter/iptables/trunk was created. branches and tags were at svn.netfilter.org/netfilter/iptables/branches svn.netfilter.org/netfilter/iptables/tags respectively. By 3071, the trunk of iptables was moved to svn.netfilter.org/netfilter/trunk/iptables By 3109, the 'branches' of iptables was moved to svn.netfilter.org/netfilter/branches/iptables The revsions 5092 - 5223 are not usual changes. 'svn log' says as follows. Sorry, I don't know what happend at that time. $ svn log -r5092 -v http://svn.netfilter.org/netfilter ------------------------------------------------------------------------ r5092 | (no author) | 2004-10-11 22:40:52 +0900 (Mon, 11 Oct 2004) | 1 line This is an empty revision for padding. ------------------------------------------------------------------------ ** What I did to create iptables git tree I did $ git-svnimport -v -s 702 -l 3070 -T iptables/trunk \ http://svn.netfilter.org/netfilter I thought that such argument to -T was not expected by the author of git-svnimport, but it seemd to work. ;) I did not use -b and -t for branches and tags. Because I found that some commits on 'origin' were broken by them. Sometimes the TCP connection to SVN server was disconnected while importing. In that case, I reset 'origin' and 'master' branch so that they refered the last suceeded commit, removed .git/SVN2GIT_HEAD and .git/ORIG_HEAD, and excecuted git-svnimport without '-s' again. git-svnimport failed to import revision 1375. I don't know the reason. I suspect that subversion or something on my environment could not manage the charactor including '~' above 'a' of ISO-8859-1 encoding. After all, I manually downloaded the changeset, creates a git patch, applied it to 'origin' branch of git tree, and executed git-svnimport without '-s'. Next, I did $ git-svnimport -v -s 3109 -l 5091 -T trunk/iptables \ -b dummy_branches -t dummy_tags \ http://svn.netfilter.org/netfilter It failed at 5091, so I reset 'origin' and 'master' branch so that they refered the last commit (which was for revision 4552) and I did $ git-svnimport -v -s 5224 -T trunk/iptables \ -b dummy_branches -t dummy_tags \ http://svn.netfilter.org/netfilter ** A Comment Well, I don't want to do this again :) -- Yasuyuki Kozakai ^ permalink raw reply [flat|nested] 30+ messages in thread
[parent not found: <200711301737.lAUHbXWh002545@toshiba.co.jp>]
* Re: iptables release [not found] ` <200711301737.lAUHbXWh002545@toshiba.co.jp> @ 2007-11-30 17:49 ` Jan Engelhardt 0 siblings, 0 replies; 30+ messages in thread From: Jan Engelhardt @ 2007-11-30 17:49 UTC (permalink / raw) To: Yasuyuki KOZAKAI; +Cc: kaber, hawk, netfilter-devel On Dec 1 2007 02:37, Yasuyuki KOZAKAI wrote: > >$ svn log -r5092 -v http://svn.netfilter.org/netfilter >------------------------------------------------------------------------ >r5092 | (no author) | 2004-10-11 22:40:52 +0900 (Mon, 11 Oct 2004) | 1 line > >This is an empty revision for padding. While empty commits can happen (it does take a specific course of action though), the log message is unusual, esp. with (no author) and "This is an empty revision for padding". >------------------------------------------------------------------------ > >** What I did to create iptables git tree > >I did > $ git-svnimport -v -s 702 -l 3070 -T iptables/trunk \ > http://svn.netfilter.org/netfilter > >I thought that such argument to -T was not expected by the author of >git-svnimport, but it seemd to work. ;) I did not use -b and -t for >branches and tags. Because I found that some commits on 'origin' were >broken by them. > >Sometimes the TCP connection to SVN server was disconnected while importing. >In that case, I reset 'origin' and 'master' branch so that they refered >the last suceeded commit, removed .git/SVN2GIT_HEAD and .git/ORIG_HEAD, >and excecuted git-svnimport without '-s' again. I would have rsynced the svn tree off, then do a local svn-to-git transform. That would have avoided potentially dangerous disconnects. >** A Comment >Well, I don't want to do this again :) Heh. ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: [netfilter-core] iptables release 2007-11-27 16:52 iptables release Patrick McHardy ` (3 preceding siblings ...) [not found] ` <200711290249.lAT2nkEr004081@toshiba.co.jp> @ 2007-11-29 17:46 ` Harald Welte 4 siblings, 0 replies; 30+ messages in thread From: Harald Welte @ 2007-11-29 17:46 UTC (permalink / raw) To: Patrick McHardy; +Cc: Netfilter Core Team, Netfilter Development Mailinglist [-- Attachment #1: Type: text/plain, Size: 1137 bytes --] On Tue, Nov 27, 2007 at 05:52:55PM +0100, Patrick McHardy wrote: > I have a large number of pending patches for iptables for new > matches and targets. I'm not going apply patches for new things > unless they are at least in a -rc kernel, so we have a chance to > fix mistakes. So my question is whether we're ready to release > the current iptables -rc anytime soon (before/when 2.6.24 is > released) or whether we're more likely going to need until 2.6.25, > in which case I would apply them now. I have a number of manpage updates pending, unfortunately I still can't commit to the repository (and since it includes many file renames it's hard to just submit a patch). I'd prefer if the release is held back until the documentation is in sync. -- - Harald Welte <laforge@netfilter.org> http://netfilter.org/ ============================================================================ "Fragmentation is like classful addressing -- an interesting early architectural error that shows how much experimentation was going on while IP was being designed." -- Paul Vixie [-- Attachment #2: Digital signature --] [-- Type: application/pgp-signature, Size: 189 bytes --] ^ permalink raw reply [flat|nested] 30+ messages in thread
* iptables release @ 2009-09-10 13:29 Patrick McHardy 2009-09-10 17:29 ` Jan Engelhardt 0 siblings, 1 reply; 30+ messages in thread From: Patrick McHardy @ 2009-09-10 13:29 UTC (permalink / raw) To: Netfilter Development Mailinglist I'll probably release the next iptables version tommorrow. Anyone who still wants to get fixes in, please send them now. Test results are also welcome :) ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: iptables release 2009-09-10 13:29 Patrick McHardy @ 2009-09-10 17:29 ` Jan Engelhardt [not found] ` <4AAE7807.8050701@trash.net> 0 siblings, 1 reply; 30+ messages in thread From: Jan Engelhardt @ 2009-09-10 17:29 UTC (permalink / raw) To: Patrick McHardy; +Cc: Netfilter Development Mailinglist On Thursday 2009-09-10 15:29, Patrick McHardy wrote: >I'll probably release the next iptables version tommorrow. >Anyone who still wants to get fixes in, please send them >now. Test results are also welcome :) Do features count? I would have wanted to submit Mohit's -Z# support earlier, but the misunderstanding between making a statement and inquiring a question about the usefulness (I have been convinced now) held it up unfortunately. ^ permalink raw reply [flat|nested] 30+ messages in thread
[parent not found: <4AAE7807.8050701@trash.net>]
* Re: iptables release [not found] ` <4AAE7807.8050701@trash.net> @ 2009-09-14 17:52 ` Jan Engelhardt 2009-09-14 18:07 ` Patrick McHardy 0 siblings, 1 reply; 30+ messages in thread From: Jan Engelhardt @ 2009-09-14 17:52 UTC (permalink / raw) To: Patrick McHardy; +Cc: Netfilter Development Mailinglist On Monday 2009-09-14 19:06, Patrick McHardy wrote: > >Sorry, I don't want any features that late in the release stage. >Feel free to send it to me now that the release is out :) > The following changes since commit 352ccfb847dfd290a7b761cd87445a48e551acb5: Jan Engelhardt (1): manpages: more fixes to minuses, hyphens, dashes are available in the git repository at: git://dev.medozas.de/iptables zero Jan Engelhardt (1): iptables: manpage updates for augmented -Z syntax Mohit Mehta (1): iptables: expose option to zero packet/byte counters for a specific rule ip6tables.8.in | 7 ++++--- ip6tables.c | 31 ++++++++++++++++++++++++------- iptables.8.in | 7 ++++--- iptables.c | 31 ++++++++++++++++++++++++------- 4 files changed, 56 insertions(+), 20 deletions(-) ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: iptables release 2009-09-14 17:52 ` Jan Engelhardt @ 2009-09-14 18:07 ` Patrick McHardy 0 siblings, 0 replies; 30+ messages in thread From: Patrick McHardy @ 2009-09-14 18:07 UTC (permalink / raw) To: Jan Engelhardt; +Cc: Netfilter Development Mailinglist Jan Engelhardt wrote: > On Monday 2009-09-14 19:06, Patrick McHardy wrote: >> Sorry, I don't want any features that late in the release stage. >> Feel free to send it to me now that the release is out :) >> > > > The following changes since commit 352ccfb847dfd290a7b761cd87445a48e551acb5: > Jan Engelhardt (1): > manpages: more fixes to minuses, hyphens, dashes > > are available in the git repository at: > > git://dev.medozas.de/iptables zero > > Jan Engelhardt (1): > iptables: manpage updates for augmented -Z syntax > > Mohit Mehta (1): > iptables: expose option to zero packet/byte counters for a specific rule Pulled and pushed out again, thanks Jan. ^ permalink raw reply [flat|nested] 30+ messages in thread
* iptables release @ 2019-09-10 18:47 Fabio Pedretti 2019-09-11 7:33 ` Fabio Pedretti 0 siblings, 1 reply; 30+ messages in thread From: Fabio Pedretti @ 2019-09-10 18:47 UTC (permalink / raw) To: netfilter-devel Hi, is there a plan to push a new release of iptables? It has some fixes which are routinely reported in distros having latest stable release 1.8.3. Thanks ^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: iptables release 2019-09-10 18:47 Fabio Pedretti @ 2019-09-11 7:33 ` Fabio Pedretti 0 siblings, 0 replies; 30+ messages in thread From: Fabio Pedretti @ 2019-09-11 7:33 UTC (permalink / raw) To: netfilter-devel Debian also has some patches that may be applicable upstream: https://salsa.debian.org/pkg-netfilter-team/pkg-iptables/tree/master/debian/patches Il giorno mar 10 set 2019 alle ore 20:47 Fabio Pedretti <pedretti.fabio@gmail.com> ha scritto: > > Hi, is there a plan to push a new release of iptables? > It has some fixes which are routinely reported in distros having > latest stable release 1.8.3. > Thanks ^ permalink raw reply [flat|nested] 30+ messages in thread
end of thread, other threads:[~2019-09-11 7:34 UTC | newest] Thread overview: 30+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2007-11-27 16:52 iptables release Patrick McHardy 2007-11-27 18:57 ` Jan Engelhardt 2007-11-27 19:04 ` Patrick McHardy 2007-11-28 17:49 ` Jan Engelhardt 2007-11-27 21:58 ` Jesper Dangaard Brouer 2007-11-28 8:30 ` Patrick McHardy 2007-11-29 2:49 ` Yasuyuki KOZAKAI 2007-11-29 6:00 ` Yasuyuki KOZAKAI [not found] ` <200711290249.lAT2nkEr004081@toshiba.co.jp> 2007-11-29 7:02 ` Patrick McHardy 2007-11-29 8:01 ` Yasuyuki KOZAKAI 2007-11-29 8:10 ` Jan Engelhardt 2007-11-29 8:27 ` Patrick McHardy 2007-11-29 8:47 ` Jan Engelhardt 2007-11-29 9:07 ` Jan Engelhardt 2007-11-29 9:13 ` Patrick McHardy 2007-11-29 9:19 ` Jan Engelhardt 2007-11-29 9:25 ` Patrick McHardy 2007-11-29 20:46 ` Jesper Dangaard Brouer 2007-11-29 20:52 ` Patrick McHardy 2007-11-29 21:05 ` Jan Engelhardt 2007-11-29 21:37 ` Patrick McHardy 2007-11-30 17:37 ` Yasuyuki KOZAKAI [not found] ` <200711301737.lAUHbXWh002545@toshiba.co.jp> 2007-11-30 17:49 ` Jan Engelhardt 2007-11-29 17:46 ` [netfilter-core] " Harald Welte 2009-09-10 13:29 Patrick McHardy 2009-09-10 17:29 ` Jan Engelhardt [not found] ` <4AAE7807.8050701@trash.net> 2009-09-14 17:52 ` Jan Engelhardt 2009-09-14 18:07 ` Patrick McHardy 2019-09-10 18:47 Fabio Pedretti 2019-09-11 7:33 ` Fabio Pedretti
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).