Hello, On Sat, 29 Jun 2013, Dash Four wrote: > This series of 5 patches implements "inner" flag option in the set > iptables match, allowing matching based on the properties > (source/destination IP address, protocol, port and so on) of the > original (inner) connection in the event of the following > ICMP[v4,v6] messages: > > ICMPv4 destination-unreachable (code 3); > ICMPv4 source-quench (code 4); > ICMPv4 time-exceeded (code 11); > ICMPv6 destination-unreachable (code 1); > ICMPv6 packet-too-big (code 2); > ICMPv6 time-exceeded (code 3); > > Revision history: > > v1 * initial revision > v2 * redundant code removed; > * added a new header file (ip_set_icmp.h) with 2 inline functions, > allowing access to the internal icmp header properties; > * removed ip[46]inneraddr[ptr]functions as they are no longer needed > * added new ipv[46]addr[ptr] and ip_set_get*port functions, the old > functions are still preserved for backwards compatibility > v3 * rename and move ip_set_get_icmpv[46]_inner_hdr functions to > ip_set_core.c and remove ip_set_icmp.h > * move icmpv[46] protocol and offset checks inside > ip_set_get_ip[46]_inner_hdr functions > * eliminate ip[46]addrptr & ip_set_get_ip[46]_port backward-compatible > functions and rename the new ones to use the same name > * eliminate single-path error gotos in ip_set.h and ip_set_getport.c > > Dash Four (5): > iptables: bugfix: prevent wrong syntax being accepted by the set match > ipset: add "inner" flag implementation > ipset: add set match "inner" flag support > iptables: add set match "inner" flag support > iptables (userspace): add set match "inner" flag support I have just noticed one single issue with your patches: the revision bumping for the set types are missing. So please extend the second patch with the type revisions incremented (have a look at the hash:net type how the revision comments are kept) and add a userspace patch with the revisions bumped in userspace too (it's fine to copy the most recent ones and increase the revisions, adjust the descriptions). That's all and then the patchset is ready for inclusion. Best regards, Jozsef - E-mail : kadlec@xxxxxxxxxxxxxxxxx, kadlecsik.jozsef@xxxxxxxxxxxxx PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt Address : Wigner Research Centre for Physics, Hungarian Academy of Sciences H-1525 Budapest 114, POB. 49, Hungary -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html