Hi David,
The following patchset contains Netfilter updates for nf-next:
1) Add IPS_HW_OFFLOAD status bit, from Bodong Wang.
2) Remove 128-bit limit on the set element data area, rise it
to 64 bytes.
3) Report EOPNOTSUPP for unsupported NAT types and flags.
4) Set up nft_nat flags from the control plane path.
5) Add helper functions to set up the nf_nat_range2 structure.
6) Add netmap support for nft_nat.
You can pull these changes from:
git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next.git
Thank you.
----------------------------------------------------------------
The following changes since commit 3fd8dc269ff0647819589c21b2ce60af6fc0a455:
net: hns3: remove an unnecessary check in hclge_set_umv_space() (2020-04-25 20:56:45 -0700)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next.git HEAD
for you to fetch changes up to 3ff7ddb1353da9b535e65702704cbadea1da9a00:
netfilter: nft_nat: add netmap support (2020-04-28 00:53:54 +0200)
----------------------------------------------------------------
Bodong Wang (1):
netfilter: nf_conntrack: add IPS_HW_OFFLOAD status bit
Pablo Neira Ayuso (5):
netfilter: nf_tables: allow up to 64 bytes in the set element data area
netfilter: nft_nat: return EOPNOTSUPP if type or flags are not supported
netfilter: nft_nat: set flags from initialization path
netfilter: nft_nat: add helper function to set up NAT address and protocol
netfilter: nft_nat: add netmap support
include/net/netfilter/nf_tables.h | 4 +
include/uapi/linux/netfilter/nf_conntrack_common.h | 8 +-
include/uapi/linux/netfilter/nf_nat.h | 4 +-
net/netfilter/nf_conntrack_standalone.c | 4 +-
net/netfilter/nf_flow_table_offload.c | 3 +
net/netfilter/nf_tables_api.c | 38 ++++---
net/netfilter/nft_nat.c | 110 ++++++++++++++++-----
7 files changed, 129 insertions(+), 42 deletions(-)
