From: Pablo Neira Ayuso <pablo@netfilter.org>
To: netfilter-devel@vger.kernel.org
Cc: davem@davemloft.net, netdev@vger.kernel.org
Subject: [PATCH 00/51] netfilter updates for net-next
Date: Sat, 6 Apr 2013 14:16:59 +0200 [thread overview]
Message-ID: <1365250670-14993-1-git-send-email-pablo@netfilter.org> (raw)
Hi David,
The following patchset contains Netfilter and IPVS updates for
your net-next tree, most relevantly they are:
* Add net namespace support to NFLOG, ULOG and ebt_ulog and NFQUEUE.
The LOG and ebt_log target has been also adapted, but they still
depend on the syslog netnamespace that seems to be missing, from
Gao Feng.
* Don't lose indications of congestion in IPv6 fragmentation handling,
from Hannes Frederic Sowa.i
* IPVS conversion to use RCU, including some code consolidation patches
and optimizations, also some from Julian Anastasov.
* cpu fanout support for NFQUEUE, from Holger Eitzenberger.
* Better error reporting to userspace when dropping packets from
all our _*_[xfrm|route]_me_harder functions, from Patrick McHardy.
You can pull these changes from:
git://1984.lsi.us.es/nf-next master
Thanks!
Gao feng (10):
netfilter: use IS_ENABLE to replace if defined in TRACE target
netfilter: make /proc/net/netfilter pernet
netfilter: nf_log: prepare net namespace support for loggers
netfilter: ebt_log: add net namespace support for ebt_log
netfilter: xt_LOG: add net namespace support for xt_LOG
netfilter: ebt_ulog: add net namespace support for ebt_ulog
netfilter: ipt_ULOG: add net namespace support for ipt_ULOG
netfilter: nfnetlink_log: add net namespace support for nfnetlink_log
netfilter: enable per netns support for nf_loggers
netfilter: nfnetlink_queue: add net namespace support for nfnetlink_queue
Hannes Frederic Sowa (1):
netfilter: implement RFC3168 5.3 (ecn protection) for ipv6 fragmentation handling
Julian Anastasov (33):
ipvs: avoid routing by TOS for real server
ipvs: prefer NETDEV_DOWN event to free cached dsts
ipvs: convert the IP_VS_XMIT macros to functions
ipvs: rename functions related to dst_cache reset
ipvs: no need to reroute anymore on DNAT over loopback
ipvs: do not use skb_share_check
ipvs: consolidate all dst checks on transmit in one place
ipvs: optimize dst usage for real server
ipvs: convert app locks
ipvs: remove rs_lock by using RCU
ipvs: convert locks used in persistence engines
ipvs: convert connection locking
ipvs: reorder keys in connection structure
ipvs: avoid kmem_cache_zalloc in ip_vs_conn_new
ipvs: change ip_vs_sched_lock to mutex
ipvs: preparations for using rcu in schedulers
ipvs: add ip_vs_dest_hold and ip_vs_dest_put
ipvs: convert dh scheduler to rcu
ipvs: convert lblc scheduler to rcu
ipvs: convert lblcr scheduler to rcu
ipvs: convert lc scheduler to rcu
ipvs: convert nq scheduler to rcu
ipvs: convert rr scheduler to rcu
ipvs: convert sed scheduler to rcu
ipvs: convert sh scheduler to rcu
ipvs: convert wlc scheduler to rcu
ipvs: convert wrr scheduler to rcu
ipvs: reorganize dest trash
ipvs: do not expect result from done_service
ipvs: convert sched_lock to spin lock
ipvs: convert dests to rcu
ipvs: convert services to rcu
ipvs: do not disable bh for long time
Michal Kubeček (1):
netfilter: fix struct ip6t_frag field description
Pablo Neira Ayuso (1):
netfilter: remove unneeded variable proc_net_netfilter
Patrick McHardy (3):
netfilter: ipv4: propagate routing errors from ip_route_me_harder()
netfilter: ipv6: propagate routing errors from ip6_route_me_harder()
netfilter: nat: propagate errors from xfrm_me_harder()
holger@eitzenberger.org (2):
netfilter: xt_NFQUEUE: introduce CPU fanout
netfilter: xt_NFQUEUE: coalesce IPv4 and IPv6 hashing
include/linux/netfilter.h | 5 -
include/net/ip_vs.h | 130 ++-
include/net/net_namespace.h | 2 +
include/net/netfilter/nf_log.h | 14 +-
include/net/netns/netfilter.h | 18 +
include/uapi/linux/netfilter/xt_NFQUEUE.h | 9 +
include/uapi/linux/netfilter_ipv6/ip6t_frag.h | 4 +-
net/bridge/netfilter/ebt_log.c | 44 +-
net/bridge/netfilter/ebt_nflog.c | 5 +-
net/bridge/netfilter/ebt_ulog.c | 125 ++-
net/ipv4/ip_output.c | 3 +-
net/ipv4/netfilter.c | 8 +-
net/ipv4/netfilter/ip_tables.c | 9 +-
net/ipv4/netfilter/ipt_ULOG.c | 129 ++-
net/ipv4/netfilter/iptable_mangle.c | 9 +-
net/ipv4/netfilter/iptable_nat.c | 23 +-
net/ipv4/netfilter/nf_conntrack_proto_icmp.c | 8 +-
net/ipv6/netfilter.c | 6 +-
net/ipv6/netfilter/ip6_tables.c | 3 +-
net/ipv6/netfilter/ip6table_mangle.c | 9 +-
net/ipv6/netfilter/ip6table_nat.c | 23 +-
net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c | 7 +-
net/ipv6/netfilter/nf_conntrack_reasm.c | 22 +-
net/netfilter/core.c | 29 +-
net/netfilter/ipvs/ip_vs_app.c | 31 +-
net/netfilter/ipvs/ip_vs_conn.c | 306 +++----
net/netfilter/ipvs/ip_vs_core.c | 73 +-
net/netfilter/ipvs/ip_vs_ctl.c | 641 +++++++--------
net/netfilter/ipvs/ip_vs_dh.c | 86 +-
net/netfilter/ipvs/ip_vs_ftp.c | 4 +
net/netfilter/ipvs/ip_vs_lblc.c | 115 +--
net/netfilter/ipvs/ip_vs_lblcr.c | 190 +++--
net/netfilter/ipvs/ip_vs_lc.c | 3 +-
net/netfilter/ipvs/ip_vs_nq.c | 3 +-
net/netfilter/ipvs/ip_vs_pe.c | 55 +-
net/netfilter/ipvs/ip_vs_pe_sip.c | 1 +
net/netfilter/ipvs/ip_vs_proto_sctp.c | 36 +-
net/netfilter/ipvs/ip_vs_proto_tcp.c | 40 +-
net/netfilter/ipvs/ip_vs_proto_udp.c | 33 +-
net/netfilter/ipvs/ip_vs_rr.c | 64 +-
net/netfilter/ipvs/ip_vs_sched.c | 63 +-
net/netfilter/ipvs/ip_vs_sed.c | 5 +-
net/netfilter/ipvs/ip_vs_sh.c | 86 +-
net/netfilter/ipvs/ip_vs_sync.c | 35 +-
net/netfilter/ipvs/ip_vs_wlc.c | 5 +-
net/netfilter/ipvs/ip_vs_wrr.c | 176 ++--
net/netfilter/ipvs/ip_vs_xmit.c | 1050 ++++++++++--------------
net/netfilter/nf_conntrack_helper.c | 2 +-
net/netfilter/nf_conntrack_proto_dccp.c | 9 +-
net/netfilter/nf_conntrack_proto_tcp.c | 18 +-
net/netfilter/nf_conntrack_proto_udp.c | 6 +-
net/netfilter/nf_conntrack_proto_udplite.c | 8 +-
net/netfilter/nf_log.c | 206 +++--
net/netfilter/nf_nat_core.c | 9 +-
net/netfilter/nfnetlink_log.c | 182 ++--
net/netfilter/nfnetlink_queue_core.c | 173 ++--
net/netfilter/xt_LOG.c | 52 +-
net/netfilter/xt_NFQUEUE.c | 63 +-
net/netfilter/xt_osf.c | 6 +-
59 files changed, 2451 insertions(+), 2028 deletions(-)
create mode 100644 include/net/netns/netfilter.h
--
1.7.10.4
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
next reply other threads:[~2013-04-06 12:18 UTC|newest]
Thread overview: 56+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-04-06 12:16 Pablo Neira Ayuso [this message]
2013-04-06 12:17 ` [PATCH 01/51] ipvs: avoid routing by TOS for real server Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 02/51] ipvs: prefer NETDEV_DOWN event to free cached dsts Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 03/51] ipvs: convert the IP_VS_XMIT macros to functions Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 04/51] ipvs: rename functions related to dst_cache reset Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 05/51] ipvs: no need to reroute anymore on DNAT over loopback Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 06/51] ipvs: do not use skb_share_check Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 07/51] ipvs: consolidate all dst checks on transmit in one place Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 08/51] ipvs: optimize dst usage for real server Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 09/51] ipvs: convert app locks Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 10/51] ipvs: remove rs_lock by using RCU Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 11/51] ipvs: convert locks used in persistence engines Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 12/51] ipvs: convert connection locking Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 13/51] ipvs: reorder keys in connection structure Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 14/51] ipvs: avoid kmem_cache_zalloc in ip_vs_conn_new Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 15/51] ipvs: change ip_vs_sched_lock to mutex Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 16/51] ipvs: preparations for using rcu in schedulers Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 17/51] ipvs: add ip_vs_dest_hold and ip_vs_dest_put Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 18/51] ipvs: convert dh scheduler to rcu Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 19/51] ipvs: convert lblc " Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 20/51] ipvs: convert lblcr " Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 21/51] ipvs: convert lc " Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 22/51] ipvs: convert nq " Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 23/51] ipvs: convert rr " Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 24/51] ipvs: convert sed " Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 25/51] ipvs: convert sh " Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 26/51] ipvs: convert wlc " Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 27/51] ipvs: convert wrr " Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 28/51] ipvs: reorganize dest trash Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 29/51] ipvs: do not expect result from done_service Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 30/51] ipvs: convert sched_lock to spin lock Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 31/51] ipvs: convert dests to rcu Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 32/51] ipvs: convert services " Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 33/51] ipvs: do not disable bh for long time Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 34/51] netfilter: use IS_ENABLE to replace if defined in TRACE target Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 35/51] netfilter: xt_NFQUEUE: introduce CPU fanout Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 36/51] netfilter: xt_NFQUEUE: coalesce IPv4 and IPv6 hashing Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 37/51] netfilter: fix struct ip6t_frag field description Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 38/51] netfilter: make /proc/net/netfilter pernet Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 39/51] netfilter: nf_log: prepare net namespace support for loggers Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 40/51] netfilter: ebt_log: add net namespace support for ebt_log Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 41/51] netfilter: xt_LOG: add net namespace support for xt_LOG Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 42/51] netfilter: ebt_ulog: add net namespace support for ebt_ulog Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 43/51] netfilter: ipt_ULOG: add net namespace support for ipt_ULOG Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 44/51] netfilter: nfnetlink_log: add net namespace support for nfnetlink_log Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 45/51] netfilter: enable per netns support for nf_loggers Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 46/51] netfilter: nfnetlink_queue: add net namespace support for nfnetlink_queue Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 47/51] netfilter: remove unneeded variable proc_net_netfilter Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 48/51] netfilter: implement RFC3168 5.3 (ecn protection) for ipv6 fragmentation handling Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 49/51] netfilter: ipv4: propagate routing errors from ip_route_me_harder() Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 50/51] netfilter: ipv6: propagate routing errors from ip6_route_me_harder() Pablo Neira Ayuso
2013-04-06 12:17 ` [PATCH 51/51] netfilter: nat: propagate errors from xfrm_me_harder() Pablo Neira Ayuso
2013-04-06 13:14 ` [PATCH 00/51] netfilter updates for net-next Julian Anastasov
2013-04-06 13:52 ` Pablo Neira Ayuso
2013-04-07 16:27 ` David Miller
2013-04-08 16:06 ` Pablo Neira Ayuso
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1365250670-14993-1-git-send-email-pablo@netfilter.org \
--to=pablo@netfilter.org \
--cc=davem@davemloft.net \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).