From: pablo@netfilter.org
To: netfilter-devel@vger.kernel.org
Cc: davem@davemloft.net, netdev@vger.kernel.org
Subject: [PATCH 00/23] netfilter updates for net-next
Date: Thu, 8 Mar 2012 02:00:49 +0100 [thread overview]
Message-ID: <1331168472-5820-1-git-send-email-pablo@netfilter.org> (raw)
From: Pablo Neira Ayuso <pablo@netfilter.org>
Hi David,
The following patchset contains netfilter updates for net-next:
* Updates for ipset from Jozsef Kadlecsik and Jan Engelhardt.
* Enhancements for ctnetlink expectation support from myself.
* The new cttimeout infrastructure for fine-grain timeout for
the connection tracking system.
* Merge of ipt_LOG and ip6t_LOG to xt_LOG from Richard Weinberger.
* A couple of cleanups for nf_ct_ecache from Tony Zelenoff.
I know, I took too long to send them, let me know if there's
some chance to get them in.
You can pull them from:
git://1984.lsi.us.es/net-next master
Thanks.
Eric Dumazet (1):
netfilter: xt_LOG: add __printf() to sb_add()
Hans Schillstrom (1):
netfilter: ctnetlink: fix lockep splats
Jan Engelhardt (2):
netfilter: ipset: use NFPROTO_ constants
netfilter: ipset: expose userspace-relevant parts in ip_set.h
Jozsef Kadlecsik (3):
netfilter: ipset: Log warning when a hash type of set gets full
netfilter: ipset: Exceptions support added to hash:*net* types
netfilter: ipset: hash:net,iface timeout bug fixed
Pablo Neira Ayuso (11):
netfilter: ctnetlink: allow to set helper for new expectations
netfilter: ctnetlink: allow to set expectation class
netfilter: ctnetlink: add NAT support for expectations
netfilter: ctnetlink: allow to set expectfn for expectations
netfilter: nf_ct_udp[lite]: convert UDP[lite] timeouts to array
netfilter: nf_ct_tcp: move retransmission and unacknowledged timeout
to array
netfilter: nf_ct_gre: add unsigned int array to define timeouts
netfilter: nf_conntrack: pass timeout array to l4->new and l4->packet
netfilter: add cttimeout infrastructure for fine timeout tuning
netfilter: nf_ct_ext: add timeout extension
netfilter: xt_CT: allow to attach timeout policy + glue code
Richard Weinberger (2):
netfilter: merge ipt_LOG and ip6_LOG into xt_LOG
netfilter: xt_LOG: fix bogus extra layer-4 logging information
Tony Zelenoff (2):
netfilter: nf_ct_ecache: trailing whitespace removed
netfilter: nf_ct_ecache: refactor nf_ct_deliver_cached_events
WANG Cong (1):
netfilter: remove ipt_SAME.h and ipt_realm.h
include/linux/netfilter/Kbuild | 2 +
include/linux/netfilter/ipset/ip_set.h | 35 +-
include/linux/netfilter/ipset/ip_set_ahash.h | 119 +++-
include/linux/netfilter/nf_conntrack_tcp.h | 5 +-
include/linux/netfilter/nfnetlink.h | 3 +-
include/linux/netfilter/nfnetlink_conntrack.h | 11 +
include/linux/netfilter/nfnetlink_cttimeout.h | 114 +++
include/linux/netfilter/xt_CT.h | 12 +
include/linux/netfilter/xt_LOG.h | 19 +
include/linux/netfilter_ipv4/Kbuild | 2 -
include/linux/netfilter_ipv4/ipt_LOG.h | 2 +
include/linux/netfilter_ipv4/ipt_SAME.h | 20 -
include/linux/netfilter_ipv4/ipt_realm.h | 7 -
include/linux/netfilter_ipv6/ip6t_LOG.h | 2 +
include/net/netfilter/nf_conntrack_extend.h | 4 +
include/net/netfilter/nf_conntrack_helper.h | 13 +
include/net/netfilter/nf_conntrack_l4proto.h | 19 +-
include/net/netfilter/nf_conntrack_timeout.h | 78 ++
include/net/netfilter/xt_log.h | 2 +-
net/ipv4/netfilter/Kconfig | 9 -
net/ipv4/netfilter/Makefile | 1 -
net/ipv4/netfilter/ipt_LOG.c | 516 -------------
net/ipv4/netfilter/nf_conntrack_proto_icmp.c | 60 ++-
net/ipv4/netfilter/nf_nat_core.c | 8 +
net/ipv4/netfilter/nf_nat_h323.c | 14 +
net/ipv4/netfilter/nf_nat_sip.c | 7 +
net/ipv6/netfilter/Kconfig | 9 -
net/ipv6/netfilter/Makefile | 1 -
net/ipv6/netfilter/ip6t_LOG.c | 527 --------------
net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c | 60 ++-
net/netfilter/Kconfig | 30 +
net/netfilter/Makefile | 3 +
net/netfilter/ipset/ip_set_bitmap_ip.c | 4 +-
net/netfilter/ipset/ip_set_bitmap_ipmac.c | 4 +-
net/netfilter/ipset/ip_set_bitmap_port.c | 4 +-
net/netfilter/ipset/ip_set_core.c | 16 +-
net/netfilter/ipset/ip_set_getport.c | 4 +-
net/netfilter/ipset/ip_set_hash_ip.c | 18 +-
net/netfilter/ipset/ip_set_hash_ipport.c | 10 +-
net/netfilter/ipset/ip_set_hash_ipportip.c | 10 +-
net/netfilter/ipset/ip_set_hash_ipportnet.c | 147 +++-
net/netfilter/ipset/ip_set_hash_net.c | 89 ++-
net/netfilter/ipset/ip_set_hash_netiface.c | 84 ++-
net/netfilter/ipset/ip_set_hash_netport.c | 150 +++-
net/netfilter/ipset/ip_set_list_set.c | 2 +-
net/netfilter/nf_conntrack_core.c | 34 +-
net/netfilter/nf_conntrack_ecache.c | 55 +-
net/netfilter/nf_conntrack_helper.c | 54 ++
net/netfilter/nf_conntrack_netlink.c | 167 ++++-
net/netfilter/nf_conntrack_proto_dccp.c | 86 ++-
net/netfilter/nf_conntrack_proto_generic.c | 77 ++-
net/netfilter/nf_conntrack_proto_gre.c | 82 ++-
net/netfilter/nf_conntrack_proto_sctp.c | 83 ++-
net/netfilter/nf_conntrack_proto_tcp.c | 168 ++++-
net/netfilter/nf_conntrack_proto_udp.c | 106 +++-
net/netfilter/nf_conntrack_proto_udplite.c | 103 +++-
net/netfilter/nf_conntrack_timeout.c | 60 ++
net/netfilter/nfnetlink_cttimeout.c | 429 +++++++++++
net/netfilter/xt_CT.c | 220 ++++++-
net/netfilter/xt_LOG.c | 925 ++++++++++++++++++++++++
60 files changed, 3478 insertions(+), 1427 deletions(-)
create mode 100644 include/linux/netfilter/nfnetlink_cttimeout.h
create mode 100644 include/linux/netfilter/xt_LOG.h
delete mode 100644 include/linux/netfilter_ipv4/ipt_SAME.h
delete mode 100644 include/linux/netfilter_ipv4/ipt_realm.h
create mode 100644 include/net/netfilter/nf_conntrack_timeout.h
delete mode 100644 net/ipv4/netfilter/ipt_LOG.c
delete mode 100644 net/ipv6/netfilter/ip6t_LOG.c
create mode 100644 net/netfilter/nf_conntrack_timeout.c
create mode 100644 net/netfilter/nfnetlink_cttimeout.c
create mode 100644 net/netfilter/xt_LOG.c
--
1.7.7.3
next reply other threads:[~2012-03-08 1:00 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-03-08 1:00 pablo [this message]
2012-03-08 1:00 ` [PATCH 01/23] netfilter: ipset: use NFPROTO_ constants pablo
2012-03-08 1:00 ` [PATCH 02/23] netfilter: ipset: expose userspace-relevant parts in ip_set.h pablo
2012-03-08 1:00 ` [PATCH 03/23] netfilter: ipset: Log warning when a hash type of set gets full pablo
2012-03-08 1:00 ` [PATCH 04/23] netfilter: ipset: Exceptions support added to hash:*net* types pablo
2012-03-08 1:00 ` [PATCH 05/23] netfilter: ipset: hash:net,iface timeout bug fixed pablo
2012-03-08 1:00 ` [PATCH 06/23] netfilter: ctnetlink: allow to set helper for new expectations pablo
2012-03-08 1:00 ` [PATCH 07/23] netfilter: ctnetlink: allow to set expectation class pablo
2012-03-08 1:00 ` [PATCH 08/23] netfilter: ctnetlink: add NAT support for expectations pablo
2012-03-08 1:00 ` [PATCH 09/23] netfilter: ctnetlink: allow to set expectfn " pablo
2012-03-08 1:00 ` [PATCH 10/23] netfilter: merge ipt_LOG and ip6_LOG into xt_LOG pablo
2012-03-08 1:01 ` [PATCH 11/23] netfilter: nf_ct_ecache: trailing whitespace removed pablo
2012-03-08 1:01 ` [PATCH 12/23] netfilter: nf_ct_ecache: refactor nf_ct_deliver_cached_events pablo
2012-03-08 1:01 ` [PATCH 13/23] netfilter: remove ipt_SAME.h and ipt_realm.h pablo
2012-03-08 1:01 ` [PATCH 14/23] netfilter: xt_LOG: fix bogus extra layer-4 logging information pablo
2012-03-08 1:01 ` [PATCH 15/23] netfilter: ctnetlink: fix lockep splats pablo
2012-03-08 1:01 ` [PATCH 16/23] netfilter: nf_ct_udp[lite]: convert UDP[lite] timeouts to array pablo
2012-03-08 1:01 ` [PATCH 17/23] netfilter: nf_ct_tcp: move retransmission and unacknowledged timeout " pablo
2012-03-08 1:01 ` [PATCH 18/23] netfilter: nf_ct_gre: add unsigned int array to define timeouts pablo
2012-03-08 1:01 ` [PATCH 19/23] netfilter: nf_conntrack: pass timeout array to l4->new and l4->packet pablo
2012-03-08 1:01 ` [PATCH 20/23] netfilter: add cttimeout infrastructure for fine timeout tuning pablo
2012-03-08 1:01 ` [PATCH 21/23] netfilter: nf_ct_ext: add timeout extension pablo
2012-03-08 1:01 ` [PATCH 22/23] netfilter: xt_CT: allow to attach timeout policy + glue code pablo
2012-03-08 1:01 ` [PATCH 23/23] netfilter: xt_LOG: add __printf() to sb_add() pablo
2012-03-08 6:48 ` [PATCH 00/23] netfilter updates for net-next David Miller
-- strict thread matches above, loose matches on Subject: below --
2015-12-18 20:26 [PATCH 00/23] Netfilter " Pablo Neira Ayuso
2015-12-18 20:38 ` David Miller
2016-04-22 13:39 Pablo Neira Ayuso
2016-04-24 4:26 ` David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1331168472-5820-1-git-send-email-pablo@netfilter.org \
--to=pablo@netfilter.org \
--cc=davem@davemloft.net \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).