From: Pablo Neira Ayuso <pablo@netfilter.org>
To: netfilter-devel@vger.kernel.org
Cc: davem@davemloft.net, netdev@vger.kernel.org
Subject: [PATCH 0/6] netfilter/ipvs fixes for net
Date: Sat, 10 Jan 2015 19:50:02 +0100 [thread overview]
Message-ID: <1420915808-7160-1-git-send-email-pablo@netfilter.org> (raw)
Hi David,
The following patchset contains netfilter/ipvs fixes, they are:
1) Small fix for the FTP helper in IPVS, a diff variable may be left
unset when CONFIG_IP_VS_IPV6 is set. Patch from Dan Carpenter.
2) Fix nf_tables port NAT in little endian archs, patch from leroy
christophe.
3) Fix race condition between conntrack confirmation and flush from
userspace. This is the second reincarnation to resolve this problem.
4) Make sure inner messages in the batch come with the nfnetlink header.
5) Relax strict check from nfnetlink_bind() that may break old userspace
applications using all 1s group mask.
6) Schedule removal of chains once no sets and rules refer to them in
the new nf_tables ruleset flush command. Reported by Asbjoern Sloth
Toennesen.
Note that this batch comes later than usual because of the short
winter holidays.
You can pull these changes from:
git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf.git
Have a happy new year, thanks!
----------------------------------------------------------------
The following changes since commit ac9a3d84e121196263636f2d38d439a45888005a:
be2net: Fix incorrect setting of tunnel offload flag in netdev features (2014-12-18 12:51:29 -0500)
are available in the git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf.git master
for you to fetch changes up to a2f18db0c68fec96631c10cad9384c196e9008ac:
netfilter: nf_tables: fix flush ruleset chain dependencies (2015-01-06 22:27:48 +0100)
----------------------------------------------------------------
Dan Carpenter (1):
ipvs: uninitialized data with IP_VS_IPV6
Pablo Neira Ayuso (5):
Merge tag 'ipvs2-for-v3.19' of https://git.kernel.org/.../horms/ipvs-next into ipvs-next
netfilter: conntrack: fix race between confirmation and flush
netfilter: nfnetlink: validate nfnetlink header from batch
netfilter: nfnetlink: relax strict multicast group check from netlink_bind
netfilter: nf_tables: fix flush ruleset chain dependencies
leroy christophe (1):
netfilter: nf_tables: fix port natting in little endian archs
net/ipv4/netfilter/nft_redir_ipv4.c | 8 ++++----
net/ipv6/netfilter/nft_redir_ipv6.c | 8 ++++----
net/netfilter/ipvs/ip_vs_ftp.c | 10 +++++-----
net/netfilter/nf_conntrack_core.c | 20 +++++++++-----------
net/netfilter/nf_tables_api.c | 14 +++++++++-----
net/netfilter/nfnetlink.c | 5 +++--
net/netfilter/nft_nat.c | 8 ++++----
7 files changed, 38 insertions(+), 35 deletions(-)
next reply other threads:[~2015-01-10 18:47 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-01-10 18:50 Pablo Neira Ayuso [this message]
2015-01-10 18:50 ` [PATCH 1/6] ipvs: uninitialized data with IP_VS_IPV6 Pablo Neira Ayuso
2015-01-10 18:50 ` [PATCH 2/6] netfilter: nf_tables: fix port natting in little endian archs Pablo Neira Ayuso
2015-01-10 18:50 ` [PATCH 3/6] netfilter: conntrack: fix race between confirmation and flush Pablo Neira Ayuso
2015-01-10 18:50 ` [PATCH 4/6] netfilter: nfnetlink: validate nfnetlink header from batch Pablo Neira Ayuso
2015-01-10 18:50 ` [PATCH 5/6] netfilter: nfnetlink: relax strict multicast group check from netlink_bind Pablo Neira Ayuso
2015-01-10 18:50 ` [PATCH 6/6] netfilter: nf_tables: fix flush ruleset chain dependencies Pablo Neira Ayuso
2015-01-12 5:15 ` [PATCH 0/6] netfilter/ipvs fixes for net David Miller
-- strict thread matches above, loose matches on Subject: below --
2016-07-12 16:10 [PATCH 0/6] Netfilter/IPVS " Pablo Neira Ayuso
2016-07-12 17:22 ` David Miller
2014-10-31 12:18 [PATCH 0/6] netfilter/ipvs " Pablo Neira Ayuso
2014-10-31 16:30 ` David Miller
2013-10-01 9:08 [PATCH 0/6] Netfilter/IPVS " Pablo Neira Ayuso
2013-10-01 16:39 ` David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1420915808-7160-1-git-send-email-pablo@netfilter.org \
--to=pablo@netfilter.org \
--cc=davem@davemloft.net \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).