Though officially declared v2, this is more or less a complete rework of
the original series (though with the same goal as the first one).
Patches 1-7 fix leaks and other issues identified in xtables code.
Patches 8-10 deal with some cases of code duplication.
Patches 11-19 resolve problems in ebtables and arptables code.
Patch 22 Changes ebtables-restore implementation to make use of common
xtables input parser after making that one a bit more flexible in
patches 20 and 21.
Patch 23 contains rather large changes to ebtables code to deal with
memory leaks and faulty behaviour due to how it (has to) treat extension
loading.
Patch 24 adds implementations of arptables-save and -restore.
Patch 25 implements 'ebtables --init-table' feature used in testcases
added by the last two patches.
Phil Sutter (27):
xtables: Allocate rule cache just once
xtables: Fix for nft_rule_flush() returning garbage
xtables: Free chains in NFT_COMPAT_CHAIN_USER_DEL jobs
xtables: Free chains in NFT_COMPAT_CHAIN_ADD jobs
xtables: Fix compilation with NLDEBUG defined
xtables: Use correct built-in chain count
xtables: Fix program name in xtables_error()
Consolidate DEBUGP macros
xshared: Consolidate parse_counters()
xshared: Consolidate argv construction routines
xtables: Fix symlinks/names for ebtables-{save,restore}
ebtables: Fix for wrong program name in error messages
ebtables: Fix match_list insertion
ebtables: Print non-standard target parameters
arptables: Fix opcode printing in numeric output
arptables: Fix jumps into user-defined chains
arptables: Fix memleaks in do_commandarp()
arptables: Fix for trailing spaces in output
arptables: Print policy only for base chains
xtables-restore: Improve user-defined chain detection
xtables-restore: Make COMMIT support configurable
ebtables-restore: Use xtables_restore_parse()
ebtables: Review match/target lookup
xtables: Implement arptables-{save,restore}
ebtables: Support --init-table command
tests: Add arptables-{save,restore} testcases
tests: Add ebtables-{save,restore} testcases
extensions/libarpt_mangle.c | 40 +--
extensions/libip6t_hbh.c | 6 +-
extensions/libxt_set.h | 6 -
iptables/Makefile.am | 5 +-
iptables/ip6tables-restore.c | 127 +-------
iptables/iptables-restore.c | 127 +-------
iptables/iptables-xml.c | 87 +-----
iptables/nft-arp.c | 58 ++--
iptables/nft-bridge.c | 39 ++-
iptables/nft-shared.h | 6 +-
iptables/nft.c | 36 ++-
iptables/nft.h | 9 +-
.../arptables/0001-arptables-save-restore_0 | 58 ++++
.../0002-arptables-restore-defaults_0 | 28 ++
.../ebtables/0002-ebtables-save-restore_0 | 112 +++++++
.../ebtables/0003-ebtables-restore-defaults_0 | 33 ++
iptables/xshared.c | 137 +++++++++
iptables/xshared.h | 20 ++
iptables/xtables-arp-standalone.c | 19 +-
iptables/xtables-arp.c | 69 +++--
iptables/xtables-eb-standalone.c | 4 +-
iptables/xtables-eb.c | 85 ++----
iptables/xtables-multi.h | 2 +
iptables/xtables-nft-multi.c | 8 +-
iptables/xtables-restore.c | 287 +++++-------------
iptables/xtables-save.c | 39 +++
iptables/xtables.c | 6 +-
27 files changed, 735 insertions(+), 718 deletions(-)
create mode 100755 iptables/tests/shell/testcases/arptables/0001-arptables-save-restore_0
create mode 100755 iptables/tests/shell/testcases/arptables/0002-arptables-restore-defaults_0
create mode 100755 iptables/tests/shell/testcases/ebtables/0002-ebtables-save-restore_0
create mode 100755 iptables/tests/shell/testcases/ebtables/0003-ebtables-restore-defaults_0
--
2.18.0
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
