Hi Patrick,
The following patches are focuses on conntrack expectations. The first
one is an improvement for the situation in which the expectation table
is full for conntrack NAT helpers. Then, another quite simple to include
a missing attribute validation. To conclude, a couple of patches oriented
to support user-space conntrack helpers.
Hope that you like them.
---
Pablo Neira Ayuso (4):
netfilter: nf_nat: better error handling of nf_ct_expect_related() in helpers
netfilter: ctnetlink: missing validation of CTA_EXPECT_ZONE attribute
netfilter: ctnetlink: allow to specify the expectation flags
netfilter: ctnetlink: add support for user-space expectation helpers
include/linux/netfilter/nf_conntrack_common.h | 5 ++
include/linux/netfilter/nfnetlink_conntrack.h | 1
include/net/netfilter/nf_conntrack_expect.h | 3 -
net/ipv4/netfilter/nf_nat_amanda.c | 9 ++++
net/ipv4/netfilter/nf_nat_ftp.c | 9 ++++
net/ipv4/netfilter/nf_nat_h323.c | 53 ++++++++++++++++++++++---
net/ipv4/netfilter/nf_nat_irc.c | 9 ++++
net/ipv4/netfilter/nf_nat_sip.c | 27 +++++++++++--
net/netfilter/nf_conntrack_expect.c | 40 ++++++++++++-------
net/netfilter/nf_conntrack_netlink.c | 38 ++++++++++++------
10 files changed, 149 insertions(+), 45 deletions(-)
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
