[GIT PULL pablo/nf-2.6-updates] IPVS

All of lore.kernel.org
 help / color / mirror / Atom feed

* [GIT PULL pablo/nf-2.6-updates] IPVS
@ 2011-06-02  0:09 Simon Horman
  2011-06-02  0:09 ` [PATCH] ipvs: restore support for iptables SNAT Simon Horman
  0 siblings, 1 reply; 6+ messages in thread
From: Simon Horman @ 2011-06-02  0:09 UTC (permalink / raw)
  To: lvs-devel, netdev, netfilter-devel, netfilter
  Cc: Wensong Zhang, Julian Anastasov, Patrick McHardy,
	Pablo Neira Ayuso

Hi Pablo, Hi Patrick,

Please consider pulling

  git://git.kernel.org/pub/scm/linux/kernel/git/horms/ipvs-2.6.git master

to get the following fix for IPVS from Julian. This is -sable material.

Julian Anastasov (1):
      ipvs: restore support for iptables SNAT

 net/netfilter/ipvs/ip_vs_core.c |   16 ++++++++--------
 1 files changed, 8 insertions(+), 8 deletions(-)

My pull request is based on pablo/nf-2.6-updates revision
c74c0bfe0b61cf41a897c2444c038e0d3f600556:

  IPVS: bug in ip_vs_ftp, same list heaad used in all netns. (2011-05-27 13:37:46 +0200)

^ permalink raw reply	[flat|nested] 6+ messages in thread

* [PATCH] ipvs: restore support for iptables SNAT
  2011-06-02  0:09 [GIT PULL pablo/nf-2.6-updates] IPVS Simon Horman
@ 2011-06-02  0:09 ` Simon Horman
  2011-06-02 11:51   ` Pablo Neira Ayuso
  0 siblings, 1 reply; 6+ messages in thread
From: Simon Horman @ 2011-06-02  0:09 UTC (permalink / raw)
  To: lvs-devel, netdev, netfilter-devel, netfilter
  Cc: Wensong Zhang, Julian Anastasov, Patrick McHardy,
	Pablo Neira Ayuso, Simon Horman

From: Julian Anastasov <ja@ssi.bg>

	Fix the IPVS priority in LOCAL_IN hook,
so that SNAT target in POSTROUTING is supported for IPVS
traffic as in 2.6.36 where it worked depending on
module load order.

	Before 2.6.37 we used priority 100 in LOCAL_IN to
process remote requests. We used the same priority as
iptables SNAT and if IPVS handlers are installed before
SNAT handlers we supported SNAT in POSTROUTING for the IPVS
traffic. If SNAT is installed before IPVS, the netfilter
handlers are before IPVS and netfilter checks the NAT
table twice for the IPVS requests: once in LOCAL_IN where
IPS_SRC_NAT_DONE is set and second time in POSTROUTING
where the SNAT rules are ignored because IPS_SRC_NAT_DONE
was already set in LOCAL_IN.

	But in 2.6.37 we changed the IPVS priority for
LOCAL_IN with the goal to be unique (101) forgetting the
fact that for IPVS traffic we should not walk both
LOCAL_IN and POSTROUTING nat tables.

	So, change the priority for processing remote
IPVS requests from 101 to 99, i.e. before NAT_SRC (100)
because we prefer to support SNAT in POSTROUTING
instead of LOCAL_IN. It also moves the priority for
IPVS replies from 99 to 98. Use constants instead of
magic numbers at these places.

Signed-off-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: Simon Horman <horms@verge.net.au>
---
 net/netfilter/ipvs/ip_vs_core.c |   16 ++++++++--------
 1 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/net/netfilter/ipvs/ip_vs_core.c b/net/netfilter/ipvs/ip_vs_core.c
index bfa808f..55af224 100644
--- a/net/netfilter/ipvs/ip_vs_core.c
+++ b/net/netfilter/ipvs/ip_vs_core.c
@@ -1772,7 +1772,7 @@ static struct nf_hook_ops ip_vs_ops[] __read_mostly = {
 		.owner		= THIS_MODULE,
 		.pf		= PF_INET,
 		.hooknum	= NF_INET_LOCAL_IN,
-		.priority	= 99,
+		.priority	= NF_IP_PRI_NAT_SRC - 2,
 	},
 	/* After packet filtering, forward packet through VS/DR, VS/TUN,
 	 * or VS/NAT(change destination), so that filtering rules can be
@@ -1782,7 +1782,7 @@ static struct nf_hook_ops ip_vs_ops[] __read_mostly = {
 		.owner		= THIS_MODULE,
 		.pf		= PF_INET,
 		.hooknum	= NF_INET_LOCAL_IN,
-		.priority	= 101,
+		.priority	= NF_IP_PRI_NAT_SRC - 1,
 	},
 	/* Before ip_vs_in, change source only for VS/NAT */
 	{
@@ -1790,7 +1790,7 @@ static struct nf_hook_ops ip_vs_ops[] __read_mostly = {
 		.owner		= THIS_MODULE,
 		.pf		= PF_INET,
 		.hooknum	= NF_INET_LOCAL_OUT,
-		.priority	= -99,
+		.priority	= NF_IP_PRI_NAT_DST + 1,
 	},
 	/* After mangle, schedule and forward local requests */
 	{
@@ -1798,7 +1798,7 @@ static struct nf_hook_ops ip_vs_ops[] __read_mostly = {
 		.owner		= THIS_MODULE,
 		.pf		= PF_INET,
 		.hooknum	= NF_INET_LOCAL_OUT,
-		.priority	= -98,
+		.priority	= NF_IP_PRI_NAT_DST + 2,
 	},
 	/* After packet filtering (but before ip_vs_out_icmp), catch icmp
 	 * destined for 0.0.0.0/0, which is for incoming IPVS connections */
@@ -1824,7 +1824,7 @@ static struct nf_hook_ops ip_vs_ops[] __read_mostly = {
 		.owner		= THIS_MODULE,
 		.pf		= PF_INET6,
 		.hooknum	= NF_INET_LOCAL_IN,
-		.priority	= 99,
+		.priority	= NF_IP6_PRI_NAT_SRC - 2,
 	},
 	/* After packet filtering, forward packet through VS/DR, VS/TUN,
 	 * or VS/NAT(change destination), so that filtering rules can be
@@ -1834,7 +1834,7 @@ static struct nf_hook_ops ip_vs_ops[] __read_mostly = {
 		.owner		= THIS_MODULE,
 		.pf		= PF_INET6,
 		.hooknum	= NF_INET_LOCAL_IN,
-		.priority	= 101,
+		.priority	= NF_IP6_PRI_NAT_SRC - 1,
 	},
 	/* Before ip_vs_in, change source only for VS/NAT */
 	{
@@ -1842,7 +1842,7 @@ static struct nf_hook_ops ip_vs_ops[] __read_mostly = {
 		.owner		= THIS_MODULE,
 		.pf		= PF_INET,
 		.hooknum	= NF_INET_LOCAL_OUT,
-		.priority	= -99,
+		.priority	= NF_IP6_PRI_NAT_DST + 1,
 	},
 	/* After mangle, schedule and forward local requests */
 	{
@@ -1850,7 +1850,7 @@ static struct nf_hook_ops ip_vs_ops[] __read_mostly = {
 		.owner		= THIS_MODULE,
 		.pf		= PF_INET6,
 		.hooknum	= NF_INET_LOCAL_OUT,
-		.priority	= -98,
+		.priority	= NF_IP6_PRI_NAT_DST + 2,
 	},
 	/* After packet filtering (but before ip_vs_out_icmp), catch icmp
 	 * destined for 0.0.0.0/0, which is for incoming IPVS connections */
-- 
1.7.4.4


^ permalink raw reply related	[flat|nested] 6+ messages in thread

* Re: [PATCH] ipvs: restore support for iptables SNAT
  2011-06-02  0:09 ` [PATCH] ipvs: restore support for iptables SNAT Simon Horman
@ 2011-06-02 11:51   ` Pablo Neira Ayuso
  2011-06-02 13:01     ` Simon Horman
  0 siblings, 1 reply; 6+ messages in thread
From: Pablo Neira Ayuso @ 2011-06-02 11:51 UTC (permalink / raw)
  To: Simon Horman
  Cc: lvs-devel, netdev, netfilter-devel, netfilter, Wensong Zhang,
	Julian Anastasov, Patrick McHardy

On 02/06/11 02:09, Simon Horman wrote:
> From: Julian Anastasov <ja@ssi.bg>
> 
> 	Fix the IPVS priority in LOCAL_IN hook,
> so that SNAT target in POSTROUTING is supported for IPVS
> traffic as in 2.6.36 where it worked depending on
> module load order.
> 
> 	Before 2.6.37 we used priority 100 in LOCAL_IN to
> process remote requests. We used the same priority as
> iptables SNAT and if IPVS handlers are installed before
> SNAT handlers we supported SNAT in POSTROUTING for the IPVS
> traffic. If SNAT is installed before IPVS, the netfilter
> handlers are before IPVS and netfilter checks the NAT
> table twice for the IPVS requests: once in LOCAL_IN where
> IPS_SRC_NAT_DONE is set and second time in POSTROUTING
> where the SNAT rules are ignored because IPS_SRC_NAT_DONE
> was already set in LOCAL_IN.
> 
> 	But in 2.6.37 we changed the IPVS priority for
> LOCAL_IN with the goal to be unique (101) forgetting the
> fact that for IPVS traffic we should not walk both
> LOCAL_IN and POSTROUTING nat tables.
> 
> 	So, change the priority for processing remote
> IPVS requests from 101 to 99, i.e. before NAT_SRC (100)
> because we prefer to support SNAT in POSTROUTING
> instead of LOCAL_IN. It also moves the priority for
> IPVS replies from 99 to 98. Use constants instead of
> magic numbers at these places.

I have applied this to my net-next-2.6 tree. Once it hits linus tree,
I'll pass it to -stable.

http://1984.lsi.us.es/git/?p=net-next-2.6/.git;a=shortlog;h=refs/heads/pablo/nf-next-2.6-updates

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH] ipvs: restore support for iptables SNAT
  2011-06-02 11:51   ` Pablo Neira Ayuso
@ 2011-06-02 13:01     ` Simon Horman
  0 siblings, 0 replies; 6+ messages in thread
From: Simon Horman @ 2011-06-02 13:01 UTC (permalink / raw)
  To: Pablo Neira Ayuso
  Cc: lvs-devel, netdev, netfilter-devel, netfilter, Wensong Zhang,
	Julian Anastasov, Patrick McHardy

On Thu, Jun 02, 2011 at 01:51:27PM +0200, Pablo Neira Ayuso wrote:
> On 02/06/11 02:09, Simon Horman wrote:
> > From: Julian Anastasov <ja@ssi.bg>
> > 
> > 	Fix the IPVS priority in LOCAL_IN hook,
> > so that SNAT target in POSTROUTING is supported for IPVS
> > traffic as in 2.6.36 where it worked depending on
> > module load order.
> > 
> > 	Before 2.6.37 we used priority 100 in LOCAL_IN to
> > process remote requests. We used the same priority as
> > iptables SNAT and if IPVS handlers are installed before
> > SNAT handlers we supported SNAT in POSTROUTING for the IPVS
> > traffic. If SNAT is installed before IPVS, the netfilter
> > handlers are before IPVS and netfilter checks the NAT
> > table twice for the IPVS requests: once in LOCAL_IN where
> > IPS_SRC_NAT_DONE is set and second time in POSTROUTING
> > where the SNAT rules are ignored because IPS_SRC_NAT_DONE
> > was already set in LOCAL_IN.
> > 
> > 	But in 2.6.37 we changed the IPVS priority for
> > LOCAL_IN with the goal to be unique (101) forgetting the
> > fact that for IPVS traffic we should not walk both
> > LOCAL_IN and POSTROUTING nat tables.
> > 
> > 	So, change the priority for processing remote
> > IPVS requests from 101 to 99, i.e. before NAT_SRC (100)
> > because we prefer to support SNAT in POSTROUTING
> > instead of LOCAL_IN. It also moves the priority for
> > IPVS replies from 99 to 98. Use constants instead of
> > magic numbers at these places.
> 
> I have applied this to my net-next-2.6 tree. Once it hits linus tree,
> I'll pass it to -stable.
> 
> http://1984.lsi.us.es/git/?p=net-next-2.6/.git;a=shortlog;h=refs/heads/pablo/nf-next-2.6-updates

Thanks Pablo.

^ permalink raw reply	[flat|nested] 6+ messages in thread

* [PATCH] ipvs: restore support for iptables SNAT
@ 2011-05-29 22:01 Julian Anastasov
  2011-05-31 13:26 ` Simon Horman
  0 siblings, 1 reply; 6+ messages in thread
From: Julian Anastasov @ 2011-05-29 22:01 UTC (permalink / raw)
  To: Simon Horman; +Cc: lvs-devel


	Fix the IPVS priority in LOCAL_IN hook,
so that SNAT target in POSTROUTING is supported for IPVS
traffic as in 2.6.36 where it worked depending on
module load order.

	Before 2.6.37 we used priority 100 in LOCAL_IN to
process remote requests. We used the same priority as
iptables SNAT and if IPVS handlers are installed before
SNAT handlers we supported SNAT in POSTROUTING for the IPVS
traffic. If SNAT is installed before IPVS, the netfilter
handlers are before IPVS and netfilter checks the NAT
table twice for the IPVS requests: once in LOCAL_IN where
IPS_SRC_NAT_DONE is set and second time in POSTROUTING
where the SNAT rules are ignored because IPS_SRC_NAT_DONE
was already set in LOCAL_IN.

	But in 2.6.37 we changed the IPVS priority for
LOCAL_IN with the goal to be unique (101) forgetting the
fact that for IPVS traffic we should not walk both
LOCAL_IN and POSTROUTING nat tables.

	So, change the priority for processing remote
IPVS requests from 101 to 99, i.e. before NAT_SRC (100)
because we prefer to support SNAT in POSTROUTING
instead of LOCAL_IN. It also moves the priority for
IPVS replies from 99 to 98. Use constants instead of
magic numbers at these places.

Signed-off-by: Julian Anastasov <ja@ssi.bg>
---

	Patch is against 2.6.39 but it applies also to
ipvs-next-2.6-e3f6a65. It is a regression and the fix
can go to the -rc kernels.

diff -urp v2.6.39/linux/net/netfilter/ipvs/ip_vs_core.c linux/net/netfilter/ipvs/ip_vs_core.c
--- v2.6.39/linux/net/netfilter/ipvs/ip_vs_core.c	2011-05-30 00:04:52.000000000 +0300
+++ linux/net/netfilter/ipvs/ip_vs_core.c	2011-05-30 00:09:02.879248364 +0300
@@ -1792,7 +1792,7 @@ static struct nf_hook_ops ip_vs_ops[] __
 		.owner		= THIS_MODULE,
 		.pf		= PF_INET,
 		.hooknum	= NF_INET_LOCAL_IN,
-		.priority	= 99,
+		.priority	= NF_IP_PRI_NAT_SRC - 2,
 	},
 	/* After packet filtering, forward packet through VS/DR, VS/TUN,
 	 * or VS/NAT(change destination), so that filtering rules can be
@@ -1802,7 +1802,7 @@ static struct nf_hook_ops ip_vs_ops[] __
 		.owner		= THIS_MODULE,
 		.pf		= PF_INET,
 		.hooknum	= NF_INET_LOCAL_IN,
-		.priority	= 101,
+		.priority	= NF_IP_PRI_NAT_SRC - 1,
 	},
 	/* Before ip_vs_in, change source only for VS/NAT */
 	{
@@ -1810,7 +1810,7 @@ static struct nf_hook_ops ip_vs_ops[] __
 		.owner		= THIS_MODULE,
 		.pf		= PF_INET,
 		.hooknum	= NF_INET_LOCAL_OUT,
-		.priority	= -99,
+		.priority	= NF_IP_PRI_NAT_DST + 1,
 	},
 	/* After mangle, schedule and forward local requests */
 	{
@@ -1818,7 +1818,7 @@ static struct nf_hook_ops ip_vs_ops[] __
 		.owner		= THIS_MODULE,
 		.pf		= PF_INET,
 		.hooknum	= NF_INET_LOCAL_OUT,
-		.priority	= -98,
+		.priority	= NF_IP_PRI_NAT_DST + 2,
 	},
 	/* After packet filtering (but before ip_vs_out_icmp), catch icmp
 	 * destined for 0.0.0.0/0, which is for incoming IPVS connections */
@@ -1844,7 +1844,7 @@ static struct nf_hook_ops ip_vs_ops[] __
 		.owner		= THIS_MODULE,
 		.pf		= PF_INET6,
 		.hooknum	= NF_INET_LOCAL_IN,
-		.priority	= 99,
+		.priority	= NF_IP6_PRI_NAT_SRC - 2,
 	},
 	/* After packet filtering, forward packet through VS/DR, VS/TUN,
 	 * or VS/NAT(change destination), so that filtering rules can be
@@ -1854,7 +1854,7 @@ static struct nf_hook_ops ip_vs_ops[] __
 		.owner		= THIS_MODULE,
 		.pf		= PF_INET6,
 		.hooknum	= NF_INET_LOCAL_IN,
-		.priority	= 101,
+		.priority	= NF_IP6_PRI_NAT_SRC - 1,
 	},
 	/* Before ip_vs_in, change source only for VS/NAT */
 	{
@@ -1862,7 +1862,7 @@ static struct nf_hook_ops ip_vs_ops[] __
 		.owner		= THIS_MODULE,
 		.pf		= PF_INET,
 		.hooknum	= NF_INET_LOCAL_OUT,
-		.priority	= -99,
+		.priority	= NF_IP6_PRI_NAT_DST + 1,
 	},
 	/* After mangle, schedule and forward local requests */
 	{
@@ -1870,7 +1870,7 @@ static struct nf_hook_ops ip_vs_ops[] __
 		.owner		= THIS_MODULE,
 		.pf		= PF_INET6,
 		.hooknum	= NF_INET_LOCAL_OUT,
-		.priority	= -98,
+		.priority	= NF_IP6_PRI_NAT_DST + 2,
 	},
 	/* After packet filtering (but before ip_vs_out_icmp), catch icmp
 	 * destined for 0.0.0.0/0, which is for incoming IPVS connections */

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH] ipvs: restore support for iptables SNAT
  2011-05-29 22:01 Julian Anastasov
@ 2011-05-31 13:26 ` Simon Horman
  0 siblings, 0 replies; 6+ messages in thread
From: Simon Horman @ 2011-05-31 13:26 UTC (permalink / raw)
  To: Julian Anastasov; +Cc: lvs-devel, Pablo Neira Ayuso

On Mon, May 30, 2011 at 01:01:37AM +0300, Julian Anastasov wrote:
> 
> 	Fix the IPVS priority in LOCAL_IN hook,
> so that SNAT target in POSTROUTING is supported for IPVS
> traffic as in 2.6.36 where it worked depending on
> module load order.
> 
> 	Before 2.6.37 we used priority 100 in LOCAL_IN to
> process remote requests. We used the same priority as
> iptables SNAT and if IPVS handlers are installed before
> SNAT handlers we supported SNAT in POSTROUTING for the IPVS
> traffic. If SNAT is installed before IPVS, the netfilter
> handlers are before IPVS and netfilter checks the NAT
> table twice for the IPVS requests: once in LOCAL_IN where
> IPS_SRC_NAT_DONE is set and second time in POSTROUTING
> where the SNAT rules are ignored because IPS_SRC_NAT_DONE
> was already set in LOCAL_IN.
> 
> 	But in 2.6.37 we changed the IPVS priority for
> LOCAL_IN with the goal to be unique (101) forgetting the
> fact that for IPVS traffic we should not walk both
> LOCAL_IN and POSTROUTING nat tables.
> 
> 	So, change the priority for processing remote
> IPVS requests from 101 to 99, i.e. before NAT_SRC (100)
> because we prefer to support SNAT in POSTROUTING
> instead of LOCAL_IN. It also moves the priority for
> IPVS replies from 99 to 98. Use constants instead of
> magic numbers at these places.
> 
> Signed-off-by: Julian Anastasov <ja@ssi.bg>
> ---
> 
> 	Patch is against 2.6.39 but it applies also to
> ipvs-next-2.6-e3f6a65. It is a regression and the fix
> can go to the -rc kernels.

Acked-by: Simon Horman <horms@verge.net.au>

Pablo, can you take this?
Let me know if you need it reposted or put in a git tree.

> 
> diff -urp v2.6.39/linux/net/netfilter/ipvs/ip_vs_core.c linux/net/netfilter/ipvs/ip_vs_core.c
> --- v2.6.39/linux/net/netfilter/ipvs/ip_vs_core.c	2011-05-30 00:04:52.000000000 +0300
> +++ linux/net/netfilter/ipvs/ip_vs_core.c	2011-05-30 00:09:02.879248364 +0300
> @@ -1792,7 +1792,7 @@ static struct nf_hook_ops ip_vs_ops[] __
>  		.owner		= THIS_MODULE,
>  		.pf		= PF_INET,
>  		.hooknum	= NF_INET_LOCAL_IN,
> -		.priority	= 99,
> +		.priority	= NF_IP_PRI_NAT_SRC - 2,
>  	},
>  	/* After packet filtering, forward packet through VS/DR, VS/TUN,
>  	 * or VS/NAT(change destination), so that filtering rules can be
> @@ -1802,7 +1802,7 @@ static struct nf_hook_ops ip_vs_ops[] __
>  		.owner		= THIS_MODULE,
>  		.pf		= PF_INET,
>  		.hooknum	= NF_INET_LOCAL_IN,
> -		.priority	= 101,
> +		.priority	= NF_IP_PRI_NAT_SRC - 1,
>  	},
>  	/* Before ip_vs_in, change source only for VS/NAT */
>  	{
> @@ -1810,7 +1810,7 @@ static struct nf_hook_ops ip_vs_ops[] __
>  		.owner		= THIS_MODULE,
>  		.pf		= PF_INET,
>  		.hooknum	= NF_INET_LOCAL_OUT,
> -		.priority	= -99,
> +		.priority	= NF_IP_PRI_NAT_DST + 1,
>  	},
>  	/* After mangle, schedule and forward local requests */
>  	{
> @@ -1818,7 +1818,7 @@ static struct nf_hook_ops ip_vs_ops[] __
>  		.owner		= THIS_MODULE,
>  		.pf		= PF_INET,
>  		.hooknum	= NF_INET_LOCAL_OUT,
> -		.priority	= -98,
> +		.priority	= NF_IP_PRI_NAT_DST + 2,
>  	},
>  	/* After packet filtering (but before ip_vs_out_icmp), catch icmp
>  	 * destined for 0.0.0.0/0, which is for incoming IPVS connections */
> @@ -1844,7 +1844,7 @@ static struct nf_hook_ops ip_vs_ops[] __
>  		.owner		= THIS_MODULE,
>  		.pf		= PF_INET6,
>  		.hooknum	= NF_INET_LOCAL_IN,
> -		.priority	= 99,
> +		.priority	= NF_IP6_PRI_NAT_SRC - 2,
>  	},
>  	/* After packet filtering, forward packet through VS/DR, VS/TUN,
>  	 * or VS/NAT(change destination), so that filtering rules can be
> @@ -1854,7 +1854,7 @@ static struct nf_hook_ops ip_vs_ops[] __
>  		.owner		= THIS_MODULE,
>  		.pf		= PF_INET6,
>  		.hooknum	= NF_INET_LOCAL_IN,
> -		.priority	= 101,
> +		.priority	= NF_IP6_PRI_NAT_SRC - 1,
>  	},
>  	/* Before ip_vs_in, change source only for VS/NAT */
>  	{
> @@ -1862,7 +1862,7 @@ static struct nf_hook_ops ip_vs_ops[] __
>  		.owner		= THIS_MODULE,
>  		.pf		= PF_INET,
>  		.hooknum	= NF_INET_LOCAL_OUT,
> -		.priority	= -99,
> +		.priority	= NF_IP6_PRI_NAT_DST + 1,
>  	},
>  	/* After mangle, schedule and forward local requests */
>  	{
> @@ -1870,7 +1870,7 @@ static struct nf_hook_ops ip_vs_ops[] __
>  		.owner		= THIS_MODULE,
>  		.pf		= PF_INET6,
>  		.hooknum	= NF_INET_LOCAL_OUT,
> -		.priority	= -98,
> +		.priority	= NF_IP6_PRI_NAT_DST + 2,
>  	},
>  	/* After packet filtering (but before ip_vs_out_icmp), catch icmp
>  	 * destined for 0.0.0.0/0, which is for incoming IPVS connections */
> 

^ permalink raw reply	[flat|nested] 6+ messages in thread

end of thread, other threads:[~2011-06-02 13:01 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2011-06-02  0:09 [GIT PULL pablo/nf-2.6-updates] IPVS Simon Horman
2011-06-02  0:09 ` [PATCH] ipvs: restore support for iptables SNAT Simon Horman
2011-06-02 11:51   ` Pablo Neira Ayuso
2011-06-02 13:01     ` Simon Horman
  -- strict thread matches above, loose matches on Subject: below --
2011-05-29 22:01 Julian Anastasov
2011-05-31 13:26 ` Simon Horman

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.