the following patches from my SYNPROXY tree contain some fixes and improvements for netfilter sequence number adjustment handling and two unrelated minor patches: - Remove net_ratelimit() for LOG_INVALID: ratelimiting explicitly enabled packet logging is inconsistent with other netfilter logging behaviour and makes debugging harder - Constify nf_ct_attach() source skb argument - Fix locking in nf_nat_seq_adjust(): we need to take nf_nat_seqofs lock to protect against concurrent changes to the sequence adjustment data - Increase sequence number offset size to 32 bits. When many adjustments happen in a single connection, the offsets can overflow and break the connection. - Use per-conntrack locks to protect sequence number adjustment data. Should increase scalability and additionally saves one lock/unlock operation per TCP packet. Please apply. thanks. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
