Hi David,
The following batch contains Netfilter updates for net-next, they are:
1) Move nft_expr_clone() to nft_dynset, from Paul Gortmaker.
2) Do not include module.h from net/netfilter/nf_tables.h,
also from Paul.
3) Restrict conntrack sysctl entries to boolean, from Tonghao Zhang.
4) Several patches to add infrastructure to autoload NAT helper
modules from their respective conntrack helper, this also includes
the first client of this code in OVS, patches from Flavio Leitner.
5) Add support to match for conntrack ID, from Brett Mastbergen.
6) Spelling fix in connlabel, from Colin Ian King.
7) Use struct_size() from hashlimit, from Gustavo A. R. Silva.
8) Add optimized version of nf_inet_addr_mask(), from Li RongQing.
You can pull these changes from:
git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next.git
Thanks!
----------------------------------------------------------------
The following changes since commit 7a1d8390d015a13c42b1effa1f22fda0858fe6f9:
net: phy: micrel: make sure the factory test bit is cleared (2019-04-29 23:17:21 -0400)
are available in the git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next.git HEAD
for you to fetch changes up to 522e4077e8dcdfc5b8e96469d3bc2324bc5d6466:
netfilter: slightly optimize nf_inet_addr_mask (2019-05-06 01:18:58 +0200)
----------------------------------------------------------------
Brett Mastbergen (1):
netfilter: nft_ct: Add ct id support
Colin Ian King (1):
netfilter: connlabels: fix spelling mistake "trackling" -> "tracking"
Flavio Leitner (4):
netfilter: use macros to create module aliases.
netfilter: add API to manage NAT helpers.
netfilter: nf_nat: register NAT helpers.
openvswitch: load and reference the NAT helper.
Gustavo A. R. Silva (1):
netfilter: xt_hashlimit: use struct_size() helper
Li RongQing (1):
netfilter: slightly optimize nf_inet_addr_mask
Paul Gortmaker (3):
netfilter: nf_tables: relocate header content to consumer
netfilter: nf_tables: fix implicit include of module.h
netfilter: nf_tables: drop include of module.h from nf_tables.h
Tonghao Zhang (1):
netfilter: conntrack: limit sysctl setting for boolean options
include/linux/netfilter.h | 9 +++
include/net/netfilter/nf_conntrack_helper.h | 24 ++++++++
include/net/netfilter/nf_tables.h | 20 +------
include/net/netns/conntrack.h | 6 +-
include/uapi/linux/netfilter/nf_tables.h | 2 +
net/ipv4/netfilter/nf_nat_h323.c | 2 +-
net/ipv4/netfilter/nf_nat_pptp.c | 2 +-
net/netfilter/nf_conntrack_amanda.c | 8 ++-
net/netfilter/nf_conntrack_ftp.c | 18 +++---
net/netfilter/nf_conntrack_helper.c | 86 +++++++++++++++++++++++++++++
net/netfilter/nf_conntrack_irc.c | 6 +-
net/netfilter/nf_conntrack_sane.c | 12 ++--
net/netfilter/nf_conntrack_sip.c | 28 +++++-----
net/netfilter/nf_conntrack_standalone.c | 48 +++++++++++-----
net/netfilter/nf_conntrack_tftp.c | 18 +++---
net/netfilter/nf_nat_amanda.c | 9 ++-
net/netfilter/nf_nat_ftp.c | 9 ++-
net/netfilter/nf_nat_irc.c | 9 ++-
net/netfilter/nf_nat_sip.c | 9 ++-
net/netfilter/nf_nat_tftp.c | 9 ++-
net/netfilter/nf_tables_set_core.c | 1 +
net/netfilter/nft_ct.c | 8 +++
net/netfilter/nft_dynset.c | 17 ++++++
net/netfilter/xt_connlabel.c | 2 +-
net/netfilter/xt_hashlimit.c | 3 +-
net/openvswitch/conntrack.c | 26 +++++++--
26 files changed, 302 insertions(+), 89 deletions(-)
