From: Vasily Averin <vvs@parallels.com>
To: Bart De Schuymer <bdschuym@pandora.be>
Cc: Florian Westphal <fw@strlen.de>,
netfilter-devel@vger.kernel.org,
Patrick McHardy <kaber@trash.net>,
Pablo Neira Ayuso <pablo@netfilter.org>
Subject: [PATCH RFC v2 00/11] per-netns sysctl for br_netfilter
Date: Mon, 12 May 2014 16:56:37 +0400 [thread overview]
Message-ID: <5370C505.5040405@parallels.com> (raw)
In-Reply-To: <536FD0FD.8010204@pandora.de>
Dear Bart,
thank you for feedback, I've reworked patch set to fix your notes.
This patch set enables per network namespace managemnt for br_netfiltes sysctls,
it allows to enable processing br-nf-call hooks in one network namespace
and keep it disabled in another ones.
v2: removed extra overhead for CONFIG_SYSCTL=n
Vasily Averin (11):
1 br_netfilter: brnf_net structure for sysctl setting
2 br_netfilter: default sysctl settings in init_brnf_net
3 br_netfilter: brnf_flag macro
4 br_netfilter: switch sysctl call_arptables to init_brnf_net
5 br_netfilter: switch sysctls call_iptables call_ip6tables to init_brnf_net
6 br_netfilter: switch sysctl filter_vlan_tagged to init_brnf_net
7 br_netfilter: switch sysctl filter_pppoe_tagged to init_brnf_net
8 br_netfilter: switch sysctl pass_vlan_indev to init_brnf_net
9 br_netfilter: pernet_operations brnf_net_opts without sysctl registration
10 br_netfilter: per-netns sysctl registration
11 br_netfilter: switch all sysctls to per-netns processing
net/bridge/br_netfilter.c | 155 ++++++++++++++++++++++++++++++++++-----------
net/bridge/br_private.h | 13 ++++
2 files changed, 130 insertions(+), 38 deletions(-)
--
1.7.5.4
next parent reply other threads:[~2014-05-12 12:57 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <536FD0FD.8010204@pandora.de>
2014-05-12 12:56 ` Vasily Averin [this message]
[not found] ` <cover.1399897184.git.vvs@openvz.org>
2014-05-12 12:56 ` [PATCH RFC v2 01/11] br_netfilter: brnf_net structure for sysctl setting Vasily Averin
2014-05-12 12:56 ` [PATCH RFC v2 02/11] br_netfilter: default sysctl settings in init_brnf_net Vasily Averin
2014-05-12 14:07 ` Patrick McHardy
2014-05-12 16:31 ` [PATCH RFC v3 0/2] per-netns sysctl for br_netfilter Vasily Averin
2014-05-29 12:28 ` Pablo Neira Ayuso
2014-05-30 10:04 ` Vasily Averin
[not found] ` <cover.1399909529.git.vvs@openvz.org>
2014-05-12 16:31 ` [PATCH RFC v3 1/2] br_netfilter: common structure for sysctl flags Vasily Averin
2014-05-12 16:32 ` [PATCH RFC v3 2/2] br_netfilter: per-netns copy of " Vasily Averin
2014-05-12 19:04 ` Bart De Schuymer
2014-05-12 20:11 ` Vasily Averin
2014-05-13 19:28 ` Bart De Schuymer
[not found] ` <53727246.4050306-LPO8gxj9N8aZIoH1IeqzKA@public.gmane.org>
2014-05-15 9:01 ` question about default values for per-namespace settings Vasily Averin
2014-05-15 9:01 ` Vasily Averin
2014-05-15 17:48 ` Tejun Heo
[not found] ` <20140515174850.GB20738-9pTldWuhBndy/B6EtB590w@public.gmane.org>
2014-05-16 11:16 ` Maciej Żenczykowski
[not found] ` <53748280.60906-bzQdu9zFT3WakBO8gow8eQ@public.gmane.org>
2014-05-15 11:02 ` Serge Hallyn
2014-05-15 17:48 ` Tejun Heo
2014-05-19 19:30 ` Bart De Schuymer
2014-05-19 19:30 ` Bart De Schuymer
[not found] ` <537A5BD1.90906-LPO8gxj9N8aZIoH1IeqzKA@public.gmane.org>
2014-06-24 8:21 ` Vasily Averin
[not found] ` <53A934F1.7040906-bzQdu9zFT3WakBO8gow8eQ@public.gmane.org>
2014-06-25 7:45 ` Eric W. Biederman
2014-06-25 7:45 ` Eric W. Biederman
2014-05-12 12:57 ` [PATCH RFC v2 03/11] br_netfilter: brnf_flag macro Vasily Averin
2014-05-12 12:57 ` [PATCH RFC v2 04/11] br_netfilter: switch sysctl call_arptables to init_brnf_net Vasily Averin
2014-05-12 12:57 ` [PATCH RFC v2 05/11] br_netfilter: switch sysctls call_iptables and call_ip6tables " Vasily Averin
2014-05-12 12:57 ` [PATCH RFC v2 06/11] br_netfilter: switch sysctl filter_vlan_tagged " Vasily Averin
2014-05-12 12:57 ` [PATCH RFC v2 07/11] br_netfilter: switch sysctl filter_pppoe_tagged " Vasily Averin
2014-05-12 12:57 ` [PATCH RFC v2 08/11] br_netfilter: switch sysctl pass_vlan_indev " Vasily Averin
2014-05-12 12:57 ` [PATCH RFC v2 09/11] br_netfilter: added pernet_operations without sysctl registration Vasily Averin
2014-05-12 12:58 ` [PATCH RFC v2 10/11] br_netfilter: per-netns " Vasily Averin
2014-05-12 12:58 ` [PATCH RFC v2 11/11] br_netfilter: switch all sysctls to per-netns processing Vasily Averin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5370C505.5040405@parallels.com \
--to=vvs@parallels.com \
--cc=bdschuym@pandora.be \
--cc=fw@strlen.de \
--cc=kaber@trash.net \
--cc=netfilter-devel@vger.kernel.org \
--cc=pablo@netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.