Hi Pablo,
Please consider to apply the next patches to the nf tree:
- When the support of destination MAC addresses for hash:mac sets was
introduced, it was forgotten to add the same functionality to hash:ip,mac
types of sets. The patch from Stefano Brivio adds the missing part.
- When the support of destination MAC addresses for hash:mac sets was
introduced, a copy&paste error was made in the code of the hash:ip,mac
and bitmap:ip,mac types: the MAC address in these set types is in
the second position and not in the first one. Stefano Brivio's patch
fixes the issue.
- There was still a not properly handled concurrency handling issue
between renaming and listing sets at the same time, reported by
Shijie Luo.
Best regards,
Jozsef
The following changes since commit 91826ba13855f73e252fef68369b3b0e1ed25253:
netfilter: add include guard to xt_connlabel.h (2019-07-29 15:13:41 +0200)
are available in the Git repository at:
git://blackhole.kfki.hu/nf 6c1f7e2c1b96ab9b
for you to fetch changes up to 6c1f7e2c1b96ab9b09ac97c4df2bd9dc327206f6:
netfilter: ipset: Fix rename concurrency with listing (2019-07-29 21:18:07
+0200)
----------------------------------------------------------------
Jozsef Kadlecsik (1):
netfilter: ipset: Fix rename concurrency with listing
Stefano Brivio (2):
netfilter: ipset: Actually allow destination MAC address for hash:ip,mac
sets too
netfilter: ipset: Copy the right MAC address in bitmap:ip,mac and
hash:ip,mac sets
net/netfilter/ipset/ip_set_bitmap_ipmac.c | 2 +-
net/netfilter/ipset/ip_set_core.c | 2 +-
net/netfilter/ipset/ip_set_hash_ipmac.c | 6 +-----
3 files changed, 3 insertions(+), 7 deletions(-)
