On Fri, Dec 22, 2023 at 11:42:03AM +0100, Pablo Neira Ayuso wrote: > [ resent, apparently this was only posted to netfilter-devel@xxxxxxxxxxxxxxx, > not to netdev@xxxxxxxxxxxxxxx ] For the record, previous is still in patchwork: https://patchwork.kernel.org/project/netdevbpf/patch/20231220151544.270214-1-pablo@xxxxxxxxxxxxx/ > Hi, > > The following patchset contains Netfilter fixes for net: > > 1) Skip set commit for deleted/destroyed sets, this might trigger > double deactivation of expired elements. > > 2) Fix packet mangling from egress, set transport offset from > mac header for netdev/egress. > > Both fixes address bugs already present in several releases. > > Please, pull these changes from: > > git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git nf-23-12-20 > > Thanks. > > ---------------------------------------------------------------- > > The following changes since commit 8353c2abc02cf8302d5e6177b706c1879e7b833c: > > Merge branch 'check-vlan-filter-feature-in-vlan_vids_add_by_dev-and-vlan_vids_del_by_dev' (2023-12-19 13:13:59 +0100) > > are available in the Git repository at: > > git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git tags/nf-23-12-20 > > for you to fetch changes up to 7315dc1e122c85ffdfc8defffbb8f8b616c2eb1a: > > netfilter: nf_tables: skip set commit for deleted/destroyed sets (2023-12-20 13:48:00 +0100) > > ---------------------------------------------------------------- > netfilter pull request 23-12-20 > > ---------------------------------------------------------------- > Pablo Neira Ayuso (2): > netfilter: nf_tables: set transport offset from mac header for netdev/egress > netfilter: nf_tables: skip set commit for deleted/destroyed sets > > include/net/netfilter/nf_tables_ipv4.h | 2 +- > net/netfilter/nf_tables_api.c | 2 +- > net/netfilter/nf_tables_core.c | 2 +- > 3 files changed, 3 insertions(+), 3 deletions(-) >
