[PATCH 0/3] ipset patches for nf-next

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Pablo,

Please consider to pull the next patches for nf-next:

- Introduction of new commands and thus protocol version 7. The
  new commands makes possible to eliminate the getsockopt interface
  of ipset and use solely netlink to communicate with the kernel.
  Due to the strict attribute checking both in user/kernel space,
  a new protocol number was introduced. Both the kernel/userspace is
  fully backward compatible.
- Make invalid MAC address checks consisten, from Stefano Brivio.
  The patch depends on the next one.
- Allow matching on destination MAC address for mac and ipmac sets,
  also from Stefano Brivio.

Best regards,
Jozsef

The following changes since commit af510ebd8913bee016492832f532ed919b51c09c:

  Revert "netfilter: xt_quota: fix the behavior of xt_quota module" (2018-10-19 14:00:34 +0200)

are available in the git repository at:

  git://blackhole.kfki.hu/nf-next 23c42a403a9cfdbad6

for you to fetch changes up to 23c42a403a9cfdbad6004a556c927be7dd61a8ee:

  netfilter: ipset: Introduction of new commands and protocol version 7 (2018-10-27 15:49:09 +0200)

----------------------------------------------------------------
Jozsef Kadlecsik (1):
      netfilter: ipset: Introduction of new commands and protocol version 7

Stefano Brivio (2):
      netfilter: ipset: Allow matching on destination MAC address for mac and ipmac sets
      netfilter: ipset: Make invalid MAC address checks consistent

 include/linux/netfilter/ipset/ip_set.h      |   2 +-
 include/uapi/linux/netfilter/ipset/ip_set.h |  19 ++--
 net/netfilter/ipset/ip_set_bitmap_ipmac.c   |  13 ++-
 net/netfilter/ipset/ip_set_core.c           | 164 +++++++++++++++++++++++++---
 net/netfilter/ipset/ip_set_hash_ipmac.c     |  27 ++---
 net/netfilter/ipset/ip_set_hash_mac.c       |  10 +-
 6 files changed, 187 insertions(+), 48 deletions(-)



[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux