redonkable
/
alistair23-linux
1
0
Fork 0
Code Releases Activity
alistair23-linux/include/uapi/linux/netfilter
History
David S. Miller 3ebb41bf47 Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf 
Pablo Neira Ayuso says:

====================
Netfilter fixes for net

The following patchset contains Netfilter fixes for net:

1) Postpone chain policy update to drop after transaction is complete,
   from Florian Westphal.

2) Add entry to flowtable after confirmation to fix UDP flows with
   packets going in one single direction.

3) Reference count leak in dst object, from Taehee Yoo.

4) Check for TTL field in flowtable datapath, from Taehee Yoo.

5) Fix h323 conntrack helper due to incorrect boundary check,
   from Jakub Jankowski.

6) Fix incorrect rcu dereference when fetching basechain stats,
   from Florian Westphal.

7) Missing error check when adding new entries to flowtable,
   from Taehee Yoo.

8) Use version field in nfnetlink message to honor the nfgen_family
   field, from Kristian Evensen.

9) Remove incorrect configuration check for CONFIG_NF_CONNTRACK_IPV6,
   from Subash Abhinov Kasiviswanathan.

10) Prevent dying entries from being added to the flowtable,
    from Taehee Yoo.

11) Don't hit WARN_ON() with malformed blob in ebtables with
    trailing data after last rule, reported by syzbot, patch
    from Florian Westphal.

12) Remove NFT_CT_TIMEOUT enumeration, never used in the kernel
    code.

13) Fix incorrect definition for NFT_LOGLEVEL_MAX, from Florian
    Westphal.

This batch comes with a conflict that can be fixed with this patch:

diff --cc include/uapi/linux/netfilter/nf_tables.h
index 7bdb234f3d8c,f0cf7b0f4f35..505393c6e959
--- a/include/uapi/linux/netfilter/nf_tables.h
+++ b/include/uapi/linux/netfilter/nf_tables.h
@@@ -966,6 -966,8 +966,7 @@@ enum nft_socket_keys
   * @NFT_CT_DST_IP: conntrack layer 3 protocol destination (IPv4 address)
   * @NFT_CT_SRC_IP6: conntrack layer 3 protocol source (IPv6 address)
   * @NFT_CT_DST_IP6: conntrack layer 3 protocol destination (IPv6 address)
 - * @NFT_CT_TIMEOUT: connection tracking timeout policy assigned to conntrack
+  * @NFT_CT_ID: conntrack id
   */
  enum nft_ct_keys {
  	NFT_CT_STATE,
@@@ -991,6 -993,8 +992,7 @@@
  	NFT_CT_DST_IP,
  	NFT_CT_SRC_IP6,
  	NFT_CT_DST_IP6,
 -	NFT_CT_TIMEOUT,
+ 	NFT_CT_ID,
  	__NFT_CT_MAX
  };
  #define NFT_CT_MAX		(__NFT_CT_MAX - 1)

That replaces the unused NFT_CT_TIMEOUT definition by NFT_CT_ID. If you prefer,
I can also solve this conflict here, just let me know.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
 		2019-05-13 08:55:15 -07:00
..
ipset netfilter: ipset: Introduction of new commands and protocol version 7 2018-10-27 15:49:09 +02:00
nf_conntrack_common.h netfilter: nf_conntrack: Increase __IPS_MAX_BIT with new bit IPS_OFFLOAD_BIT 2018-06-07 12:45:44 +02:00
nf_conntrack_ftp.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
nf_conntrack_sctp.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
nf_conntrack_tcp.h netfilter: Fix handling simultaneous open in TCP conntrack 2018-04-27 00:39:29 +02:00
nf_conntrack_tuple_common.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
nf_log.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
nf_nat.h netfilter: add NAT support for shifted portmap ranges 2018-04-24 10:29:12 +02:00
nf_tables.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf 2019-05-13 08:55:15 -07:00
nf_tables_compat.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
nfnetlink.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
nfnetlink_acct.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
nfnetlink_compat.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
nfnetlink_conntrack.h netfilter: ctnetlink: export nf_conntrack_max 2018-05-07 00:04:02 +02:00
nfnetlink_cthelper.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
nfnetlink_cttimeout.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
nfnetlink_log.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
nfnetlink_osf.h netfilter: uapi: fix linux/netfilter/nf_osf.h userspace compilation errors 2018-08-16 19:37:09 +02:00
nfnetlink_queue.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
x_tables.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_AUDIT.h License cleanup: add SPDX license identifier to uapi header files with a license 2017-11-02 11:20:11 +01:00
xt_CHECKSUM.h License cleanup: add SPDX license identifier to uapi header files with a license 2017-11-02 11:20:11 +01:00
xt_CLASSIFY.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_CONNMARK.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_CONNSECMARK.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_CT.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_DSCP.h License cleanup: add SPDX license identifier to uapi header files with a license 2017-11-02 11:20:11 +01:00
xt_HMARK.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_IDLETIMER.h License cleanup: add SPDX license identifier to uapi header files with a license 2017-11-02 11:20:11 +01:00
xt_LED.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_LOG.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_MARK.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_NFLOG.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_NFQUEUE.h License cleanup: add SPDX license identifier to uapi header files with a license 2017-11-02 11:20:11 +01:00
xt_RATEEST.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_SECMARK.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_SYNPROXY.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_TCPMSS.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_TCPOPTSTRIP.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_TEE.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_TPROXY.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_addrtype.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_bpf.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_cgroup.h netfilter: xt_cgroup: shrink size of v2 path 2018-09-17 16:11:03 +02:00
xt_cluster.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_comment.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_connbytes.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_connlabel.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_connlimit.h netfilter: connlimit: split xt_connlimit into front and backend 2018-01-08 18:01:22 +01:00
xt_connmark.h netfilter: xt_conntrack: Support bit-shifting for CONNMARK & MARK targets. 2018-03-20 13:41:41 +01:00
xt_conntrack.h License cleanup: add SPDX license identifier to uapi header files with a license 2017-11-02 11:20:11 +01:00
xt_cpu.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_dccp.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_devgroup.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_dscp.h License cleanup: add SPDX license identifier to uapi header files with a license 2017-11-02 11:20:11 +01:00
xt_ecn.h License cleanup: add SPDX license identifier to uapi header files with a license 2017-11-02 11:20:11 +01:00
xt_esp.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_hashlimit.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_helper.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_ipcomp.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_iprange.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_ipvs.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_l2tp.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_length.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_limit.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_mac.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_mark.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_multiport.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_nfacct.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_osf.h netfilter: uapi: fix linux/netfilter/nf_osf.h userspace compilation errors 2018-08-16 19:37:09 +02:00
xt_owner.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_physdev.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_pkttype.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_policy.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_quota.h Revert "netfilter: xt_quota: fix the behavior of xt_quota module" 2018-10-19 14:00:34 +02:00
xt_rateest.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_realm.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_recent.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_rpfilter.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_sctp.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_set.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_socket.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_state.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_statistic.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_string.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_tcpmss.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_tcpudp.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_time.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
xt_u32.h License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00