From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> Date: Mon, 10 Aug 2015 19:58:34 +0200 > The following patchset contains five Netfilter fixes for your net tree, > they are: > > 1) Silence a warning on falling back to vmalloc(). Since 88eab472ec21, we can > easily hit this warning message, that gets users confused. So let's get rid > of it. > > 2) Recently when porting the template object allocation on top of kmalloc to > fix the netns dependencies between x_tables and conntrack, the error > checks where left unchanged. Remove IS_ERR() and check for NULL instead. > Patch from Dan Carpenter. > > 3) Don't ignore gfp_flags in the new nf_ct_tmpl_alloc() function, from > Joe Stringer. > > 4) Fix a crash due to NULL pointer dereference in ip6t_SYNPROXY, patch from > Phil Sutter. > > 5) The sequence number of the Syn+ack that is sent from SYNPROXY to clients is > not adjusted through our NAT infrastructure, as a result the client may > ignore this TCP packet and TCP flow hangs until the client probes us. Also > from Phil Sutter. > > You can pull these changes from: > > git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf.git Pulled, thanks Pablo. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
