From: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
To: netfilter-devel@vger.kernel.org
Cc: Patrick McHardy <kaber@trash.net>,
Pablo Neira Ayuso <pablo@netfilter.org>,
Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Subject: [PATCH 00/13] ipset kernel patches v2
Date: Fri, 21 Jan 2011 15:01:53 +0100 [thread overview]
Message-ID: <1295618527-9583-1-git-send-email-kadlec@blackhole.kfki.hu> (raw)
Hi,
Here follows the updated ipset kernel patches. The terse list of the changes is
- Fix trailing whitespaces and pr_* messages
- Un-inline functions which are not small enough
- Fix module loading at create/header commands
- Fix wrong kzalloc flag in type_pf_expire
- The get_ip*_port functions are too large to be inlined, moved into the core
- Add missing __GFP_HIGHMEM flag to __vmalloc
- Enforce network-ordered data in the netlink protocol
- Use annotated types and fix sparse warnings
- Move ip_set_alloc, ip_set_free and ip_set_get_ipaddr* into the core
- NETMASK*, HOSTMASK* macros are too generic, replace with inline functions
- Use static LIST_HEAD() for ip_set_type_list
- Move NLA_PUT_NET* macros to include/net/netlink.h
- The module parameter max_sets should be unsigned int
- Get rid of ip_set_kernel.h
- Fix the placement style of boolean operators at continued lines
Vast of the changes are based on Patrick's review. I did not introduce nla_strcmp
and nla_strlcpy in the ip_set_rename function, because nla_strcmp would be called
in a loop and that is not optimal. Eric suggested to use vzalloc instead of
__vmalloc, however the former hasn't got a gfp_t argument, so I kept __vmalloc.
Two bugs are fixed compared to the previous version: the module-autoloading
issue and the wrong kzalloc flag in type_pf_expire. Therefore I'll release
a new ipset package today too.
Best regards,
Jozsef
Jozsef Kadlecsik (13):
NFNL_SUBSYS_IPSET id and NLA_PUT_NET* macros
IP set core support
bitmap:ip set type support
bitmap:ip,mac type support
bitmap:port set type support
hash:ip set type support
hash:ip,port set type support
hash:ip,port,ip set type support
hash:ip,port,net set type support
hash:net set type support
hash:net,port set type support
list:set set type support
"set" match and "SET" target support
include/linux/netfilter/ipset/ip_set.h | 449 +++++++
include/linux/netfilter/ipset/ip_set_ahash.h | 1074 ++++++++++++++++
include/linux/netfilter/ipset/ip_set_bitmap.h | 31 +
include/linux/netfilter/ipset/ip_set_getport.h | 11 +
include/linux/netfilter/ipset/ip_set_hash.h | 26 +
include/linux/netfilter/ipset/ip_set_list.h | 27 +
include/linux/netfilter/ipset/ip_set_timeout.h | 127 ++
include/linux/netfilter/ipset/pfxlen.h | 35 +
include/linux/netfilter/nfnetlink.h | 3 +-
include/linux/netfilter/xt_set.h | 55 +
include/net/netlink.h | 9 +
net/netfilter/Kconfig | 14 +
net/netfilter/Makefile | 4 +
net/netfilter/ipset/Kconfig | 121 ++
net/netfilter/ipset/Makefile | 24 +
net/netfilter/ipset/ip_set_bitmap_ip.c | 732 +++++++++++
net/netfilter/ipset/ip_set_bitmap_ipmac.c | 666 ++++++++++
net/netfilter/ipset/ip_set_bitmap_port.c | 649 ++++++++++
net/netfilter/ipset/ip_set_core.c | 1620 ++++++++++++++++++++++++
net/netfilter/ipset/ip_set_getport.c | 135 ++
net/netfilter/ipset/ip_set_hash_ip.c | 484 +++++++
net/netfilter/ipset/ip_set_hash_ipport.c | 565 +++++++++
net/netfilter/ipset/ip_set_hash_ipportip.c | 584 +++++++++
net/netfilter/ipset/ip_set_hash_ipportnet.c | 650 ++++++++++
net/netfilter/ipset/ip_set_hash_net.c | 480 +++++++
net/netfilter/ipset/ip_set_hash_netport.c | 601 +++++++++
net/netfilter/ipset/ip_set_list_set.c | 594 +++++++++
net/netfilter/ipset/pfxlen.c | 291 +++++
net/netfilter/xt_set.c | 370 ++++++
29 files changed, 10430 insertions(+), 1 deletions(-)
create mode 100644 include/linux/netfilter/ipset/ip_set.h
create mode 100644 include/linux/netfilter/ipset/ip_set_ahash.h
create mode 100644 include/linux/netfilter/ipset/ip_set_bitmap.h
create mode 100644 include/linux/netfilter/ipset/ip_set_getport.h
create mode 100644 include/linux/netfilter/ipset/ip_set_hash.h
create mode 100644 include/linux/netfilter/ipset/ip_set_list.h
create mode 100644 include/linux/netfilter/ipset/ip_set_timeout.h
create mode 100644 include/linux/netfilter/ipset/pfxlen.h
create mode 100644 include/linux/netfilter/xt_set.h
create mode 100644 net/netfilter/ipset/Kconfig
create mode 100644 net/netfilter/ipset/Makefile
create mode 100644 net/netfilter/ipset/ip_set_bitmap_ip.c
create mode 100644 net/netfilter/ipset/ip_set_bitmap_ipmac.c
create mode 100644 net/netfilter/ipset/ip_set_bitmap_port.c
create mode 100644 net/netfilter/ipset/ip_set_core.c
create mode 100644 net/netfilter/ipset/ip_set_getport.c
create mode 100644 net/netfilter/ipset/ip_set_hash_ip.c
create mode 100644 net/netfilter/ipset/ip_set_hash_ipport.c
create mode 100644 net/netfilter/ipset/ip_set_hash_ipportip.c
create mode 100644 net/netfilter/ipset/ip_set_hash_ipportnet.c
create mode 100644 net/netfilter/ipset/ip_set_hash_net.c
create mode 100644 net/netfilter/ipset/ip_set_hash_netport.c
create mode 100644 net/netfilter/ipset/ip_set_list_set.c
create mode 100644 net/netfilter/ipset/pfxlen.c
create mode 100644 net/netfilter/xt_set.c
next reply other threads:[~2011-01-21 14:02 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-01-21 14:01 Jozsef Kadlecsik [this message]
2011-01-21 14:01 ` [PATCH 01/13] NFNL_SUBSYS_IPSET id and NLA_PUT_NET* macros Jozsef Kadlecsik
2011-01-21 14:01 ` [PATCH 02/13] IP set core support Jozsef Kadlecsik
2011-01-21 14:01 ` [PATCH 03/13] bitmap:ip set type support Jozsef Kadlecsik
2011-01-21 14:01 ` [PATCH 04/13] bitmap:ip,mac " Jozsef Kadlecsik
2011-01-21 14:01 ` [PATCH 05/13] bitmap:port set " Jozsef Kadlecsik
2011-01-21 14:01 ` [PATCH 06/13] hash:ip " Jozsef Kadlecsik
2011-01-21 14:02 ` [PATCH 07/13] hash:ip,port " Jozsef Kadlecsik
2011-01-21 14:02 ` [PATCH 08/13] hash:ip,port,ip " Jozsef Kadlecsik
2011-01-21 14:02 ` [PATCH 09/13] hash:ip,port,net " Jozsef Kadlecsik
2011-01-21 14:02 ` [PATCH 10/13] hash:net " Jozsef Kadlecsik
2011-01-21 14:02 ` [PATCH 11/13] hash:net,port " Jozsef Kadlecsik
2011-01-21 14:02 ` [PATCH 12/13] list:set " Jozsef Kadlecsik
2011-01-21 14:02 ` [PATCH 13/13] "set" match and "SET" target support Jozsef Kadlecsik
2011-01-25 15:18 ` Patrick McHardy
2011-01-25 21:40 ` Jozsef Kadlecsik
2011-01-25 15:05 ` [PATCH 03/13] bitmap:ip set type support Patrick McHardy
2011-01-25 21:34 ` Jozsef Kadlecsik
2011-01-27 9:06 ` Jozsef Kadlecsik
2011-01-27 9:08 ` Patrick McHardy
2011-01-21 21:39 ` [PATCH 02/13] IP set core support Jozsef Kadlecsik
2011-01-25 14:47 ` Patrick McHardy
2011-01-25 21:23 ` Jozsef Kadlecsik
2011-01-26 11:57 ` Patrick McHardy
2011-01-26 11:57 ` Patrick McHardy
2011-01-25 15:06 ` Patrick McHardy
2011-01-25 21:28 ` Jozsef Kadlecsik
2011-01-27 8:58 ` Jozsef Kadlecsik
2011-01-25 15:38 ` [PATCH 00/13] ipset kernel patches v2 Patrick McHardy
2011-01-25 21:41 ` Jozsef Kadlecsik
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1295618527-9583-1-git-send-email-kadlec@blackhole.kfki.hu \
--to=kadlec@blackhole.kfki.hu \
--cc=kaber@trash.net \
--cc=netfilter-devel@vger.kernel.org \
--cc=pablo@netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).