Hi Dave,
following are some netfilter fixes for 2.6.28, containing:
- restauration of a lost #ifdef to fix user-triggerable WARN_ONs in the
NAT code. Also queued for -stable.
- restauration of ebtables dependencies that got lost during a Kconfig
restructuring
- a slightly more involved patch from Pablo to remove the bogus NAT module
dependencies from ctnetlink. It could be argued whether this qualifies as
a real bugfix since its mainly a "it shouldn't be like this" thing and
everything works properly, in my opinion it does though because of all
the side effects that even just loading the NAT module causes. A somewhat
fitting analogy would be an IPv6 module dependency in, lets say, TCP :)
Please apply, thanks.
include/linux/netfilter/nfnetlink.h | 3 +
include/net/netfilter/nf_nat_core.h | 8 ++
net/bridge/netfilter/Kconfig | 1 +
net/ipv4/netfilter/nf_defrag_ipv4.c | 3 +-
net/ipv4/netfilter/nf_nat_core.c | 97 ++++++++++++++++++++++
net/netfilter/nf_conntrack_core.c | 7 ++
net/netfilter/nf_conntrack_netlink.c | 151 ++++++++++++++--------------------
net/netfilter/nfnetlink.c | 12 ++-
8 files changed, 188 insertions(+), 94 deletions(-)
Pablo Neira Ayuso (1):
netfilter: ctnetlink: remove bogus module dependency between ctnetlink and nf_nat
Patrick McHardy (2):
netfilter: restore lost #ifdef guarding defrag exception
netfilter: fix ebtables dependencies
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
