From: Pablo Neira Ayuso <pablo@netfilter.org>
To: netfilter-devel@vger.kernel.org
Cc: davem@davemloft.net, netdev@vger.kernel.org, kuba@kernel.org
Subject: [PATCH net-next 00/10] Netfilter/IPVS updates for net-next
Date: Sun, 13 Dec 2020 00:05:03 +0100 [thread overview]
Message-ID: <20201212230513.3465-1-pablo@netfilter.org> (raw)
Hi Jakub, David,
The following patchset contains Netfilter updates for net-next:
1) Missing dependencies in NFT_BRIDGE_REJECT, from Randy Dunlap.
2) Use atomic_inc_return() instead of atomic_add_return() in IPVS,
from Yejune Deng.
3) Simplify check for overquota in xt_nfacct, from Kaixu Xia.
4) Move nfnl_acct_list away from struct net, from Miao Wang.
5) Pass actual sk in reject actions, from Jan Engelhardt.
6) Add timeout and protoinfo to ctnetlink destroy events,
from Florian Westphal.
7) Four patches to generalize set infrastructure to support
for multiple expressions per set element.
Please, pull these changes from:
git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next.git
Thanks!
----------------------------------------------------------------
The following changes since commit f9e425e99b0756c1479042afe761073779df2a30:
octeontx2-af: Add support for RSS hashing based on Transport protocol field (2020-11-21 16:05:22 -0800)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next.git HEAD
for you to fetch changes up to 48b0ae046ee96eac999839f6d26c624b8c93ed66:
netfilter: nftables: netlink support for several set element expressions (2020-12-12 19:20:52 +0100)
----------------------------------------------------------------
Florian Westphal (1):
netfilter: ctnetlink: add timeout and protoinfo to destroy events
Jan Engelhardt (1):
netfilter: use actual socket sk for REJECT action
Kaixu Xia (1):
netfilter: Remove unnecessary conversion to bool
Pablo Neira Ayuso (4):
netfilter: nftables: generalize set expressions support
netfilter: nftables: move nft_expr before nft_set
netfilter: nftables: generalize set extension to support for several expressions
netfilter: nftables: netlink support for several set element expressions
Randy Dunlap (1):
netfilter: nft_reject_bridge: fix build errors due to code movement
Wang Shanker (1):
netfilter: nfnl_acct: remove data from struct net
Yejune Deng (1):
ipvs: replace atomic_add_return()
include/net/net_namespace.h | 3 -
include/net/netfilter/ipv4/nf_reject.h | 4 +-
include/net/netfilter/ipv6/nf_reject.h | 5 +-
include/net/netfilter/nf_conntrack_l4proto.h | 2 +-
include/net/netfilter/nf_tables.h | 95 ++++++----
include/uapi/linux/netfilter/nf_tables.h | 6 +
net/bridge/netfilter/Kconfig | 2 +
net/ipv4/netfilter/ipt_REJECT.c | 3 +-
net/ipv4/netfilter/nf_reject_ipv4.c | 6 +-
net/ipv4/netfilter/nft_reject_ipv4.c | 3 +-
net/ipv6/netfilter/ip6t_REJECT.c | 2 +-
net/ipv6/netfilter/nf_reject_ipv6.c | 5 +-
net/ipv6/netfilter/nft_reject_ipv6.c | 3 +-
net/netfilter/ipvs/ip_vs_core.c | 2 +-
net/netfilter/ipvs/ip_vs_sync.c | 4 +-
net/netfilter/nf_conntrack_netlink.c | 31 ++--
net/netfilter/nf_conntrack_proto_dccp.c | 13 +-
net/netfilter/nf_conntrack_proto_sctp.c | 13 +-
net/netfilter/nf_conntrack_proto_tcp.c | 13 +-
net/netfilter/nf_tables_api.c | 250 ++++++++++++++++++++++-----
net/netfilter/nfnetlink_acct.c | 38 +++-
net/netfilter/nft_dynset.c | 156 ++++++++++++++---
net/netfilter/nft_reject_inet.c | 6 +-
net/netfilter/nft_set_hash.c | 27 ++-
net/netfilter/xt_nfacct.c | 2 +-
25 files changed, 534 insertions(+), 160 deletions(-)
next reply other threads:[~2020-12-12 23:08 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-12-12 23:05 Pablo Neira Ayuso [this message]
2020-12-12 23:05 ` [PATCH net-next 01/10] netfilter: nft_reject_bridge: fix build errors due to code movement Pablo Neira Ayuso
2020-12-12 23:05 ` [PATCH net-next 02/10] ipvs: replace atomic_add_return() Pablo Neira Ayuso
2020-12-12 23:05 ` [PATCH net-next 03/10] netfilter: Remove unnecessary conversion to bool Pablo Neira Ayuso
2020-12-12 23:05 ` [PATCH net-next 04/10] netfilter: nfnl_acct: remove data from struct net Pablo Neira Ayuso
2020-12-12 23:05 ` [PATCH net-next 05/10] netfilter: use actual socket sk for REJECT action Pablo Neira Ayuso
2020-12-12 23:05 ` [PATCH net-next 06/10] netfilter: ctnetlink: add timeout and protoinfo to destroy events Pablo Neira Ayuso
2020-12-12 23:05 ` [PATCH net-next 07/10] netfilter: nftables: generalize set expressions support Pablo Neira Ayuso
2020-12-12 23:05 ` [PATCH net-next 08/10] netfilter: nftables: move nft_expr before nft_set Pablo Neira Ayuso
2020-12-12 23:05 ` [PATCH net-next 09/10] netfilter: nftables: generalize set extension to support for several expressions Pablo Neira Ayuso
2020-12-12 23:05 ` [PATCH net-next 10/10] netfilter: nftables: netlink support for several set element expressions Pablo Neira Ayuso
2020-12-15 2:11 ` [PATCH net-next 00/10] Netfilter/IPVS updates for net-next Jakub Kicinski
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201212230513.3465-1-pablo@netfilter.org \
--to=pablo@netfilter.org \
--cc=davem@davemloft.net \
--cc=kuba@kernel.org \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.