Re: [PATCH v2] netfilter: properly initialize xt_table_info structure

2018-05-17 Thread Jan Engelhardt
On Thursday 2018-05-17 12:09, Greg Kroah-Hartman wrote: >> > --- a/net/netfilter/x_tables.c >> > +++ b/net/netfilter/x_tables.c >> > @@ -1183,11 +1183,10 @@ struct xt_table_info *xt_alloc_table_info(unsigned >> > int size) >> > * than shoot all processes down before realizing there is

Re: [PATCH RFC 0/4] net: add bpfilter

2018-02-19 Thread Jan Engelhardt
On Monday 2018-02-19 16:32, David Miller wrote: >From: Harald Welte >Date: Mon, 19 Feb 2018 16:23:21 +0100 > >> Also, as long as legacy ip_tables/x_tables is still in the kernel, you >> can still run your old userspace against that old implementation in the >> kernel. >

Re: [PATCH net] netfilter: xt_hashlimit: do not allow empty names

2018-02-02 Thread Jan Engelhardt
On Friday 2018-02-02 12:55, Pablo Neira Ayuso wrote: >On Fri, Feb 02, 2018 at 12:49:38PM +0100, Pablo Neira Ayuso wrote: >[...] >> bool net_valid_name(const char *name, size_t len) >> { >> ... >> } > >Am I missing anything in all these tricky string handling? Thanks! One will have to

Re: [netfilter-core] kernel panic: Out of memory and no killable processes... (2)

2018-01-29 Thread Jan Engelhardt
On Monday 2018-01-29 17:57, Florian Westphal wrote: >> > > vmalloc() once became killable by commit 5d17a73a2ebeb8d1 ("vmalloc: back >> > > off when the current task is killed") but then became unkillable by >> > > commit >> > > b8c8a338f75e052d ("Revert "vmalloc: back off when the current task

Re: netfilter: xt_bpf: ABI issue in xt_bpf_info_v1?

2017-09-13 Thread Jan Engelhardt
On Wednesday 2017-09-13 15:24, Shmulik Ladkani wrote: > >One way to fix is to have iptables open the object (using the stored >xt_bpf_info_v1->path), gaining a new process local fd for the object, >just after getting the rules from IPT_SO_GET_ENTRIES. >However we didn't see any other extensions

Re: net-next STATUS page

2017-07-13 Thread Jan Engelhardt
On Thursday 2017-07-13 13:32, Saeed Mahameed wrote: >>> Therefore, in order to avoid any and all confusion I have created this web site: http://vger.kernel.org/~davem/net-next.html > > You will need an image processing algorithm to determine whether it is open or > close, i

Re: [PATCH] net: netfilter: Replace explicit NULL comparisons

2017-04-09 Thread Jan Engelhardt
On Sunday 2017-04-09 05:42, Arushi Singhal wrote: >On Sun, Apr 9, 2017 at 1:44 AM, Pablo Neira Ayuso <pa...@netfilter.org> wrote: > On Sat, Apr 08, 2017 at 08:21:56PM +0200, Jan Engelhardt wrote: > > On Saturday 2017-04-08 19:21, Arushi Singhal wrote: > > &g

Re: [PATCH] net: netfilter: Replace explicit NULL comparisons

2017-04-08 Thread Jan Engelhardt
On Saturday 2017-04-08 19:21, Arushi Singhal wrote: >Replace explicit NULL comparison with ! operator to simplify code. I still wouldn't do this, for the same reason as before. Comparing to NULL explicitly more or less gave an extra guarantee that the other operand was also a pointer.

Re: [PATCH v2] netfilter: Clean up tests if NULL returned on failure

2017-03-29 Thread Jan Engelhardt
On Wednesday 2017-03-29 11:15, SIMRAN SINGHAL wrote: >> dest = kzalloc(sizeof(struct ip_vs_dest), GFP_KERNEL); >>- if (dest == NULL) >>+ if (!dest) >> return -ENOMEM; > >But, according to me we should prefer !var over ( var ==NULL ) according to the

Re: [PATCH v2] netfilter: Clean up tests if NULL returned on failure

2017-03-29 Thread Jan Engelhardt
On Tuesday 2017-03-28 18:23, SIMRAN SINGHAL wrote: >On Tue, Mar 28, 2017 at 7:24 PM, Jan Engelhardt <jeng...@inai.de> wrote: >> On Tuesday 2017-03-28 15:13, simran singhal wrote: >> >>>Some functions like kmalloc/kzalloc return NULL on failure. When NULL >>>

Re: [PATCH] netfilter: ipset: Use max macro instead of ternary operator

2017-03-28 Thread Jan Engelhardt
On Tuesday 2017-03-28 15:32, simran singhal wrote: >This patch replaces ternary operator with macro max as it shorter and >thus increases code readability. > >- return (ret < 0 ? 0 : ret); >+ return max(0, ret); While the two are functionally equivalent, "max" conveys a meaning of

Re: [PATCH v2] netfilter: Clean up tests if NULL returned on failure

2017-03-28 Thread Jan Engelhardt
On Tuesday 2017-03-28 15:13, simran singhal wrote: >Some functions like kmalloc/kzalloc return NULL on failure. When NULL >represents failure, !x is commonly used. > >@@ -910,7 +910,7 @@ ip_vs_new_dest(struct ip_vs_service *svc, struct >ip_vs_dest_user_kern *udest, > } > > dest =

Re: [PATCH] net: Remove unnecessary cast on void pointer

2017-03-28 Thread Jan Engelhardt
On Tuesday 2017-03-28 14:50, simran singhal wrote: >The following Coccinelle script was used to detect this: >@r@ >expression x; >void* e; >type T; >identifier f; >@@ >( > *((T *)e) >| > ((T *)x)[...] >| > ((T*)x)->f >| > >- (T*) > e >) > >Signed-off-by: simran singhal

Re: [PATCH v2 7/7] uapi: export all headers under uapi directories

2017-01-12 Thread Jan Engelhardt
On Thursday 2017-01-12 16:52, Nicolas Dichtel wrote: >Le 09/01/2017 à 13:56, Christoph Hellwig a écrit : >> On Fri, Jan 06, 2017 at 10:43:59AM +0100, Nicolas Dichtel wrote: >>> Regularly, when a new header is created in include/uapi/, the developer >>> forgets to add it in the corresponding

Re: [PATCH v3 2/2] netfilter: Create revision 2 of xt_hashlimit to support higher pps rates

2016-09-22 Thread Jan Engelhardt
On Thursday 2016-09-22 18:43, Vishwanath Pai wrote: >+struct hashlimit_cfg2 { >+ __u32 mode; /* bitmask of XT_HASHLIMIT_HASH_* */ >+ __u64 avg;/* Average secs between packets * scale */ >+ __u64 burst; /* Period multiplier for upper limit. */ This would have different

Re: [PATCH 1116/1285] Replace numeric parameter like 0444 with macro

2016-08-02 Thread Jan Engelhardt
On Tuesday 2016-08-02 14:17, Baole Ni wrote: >I find that the developers often just specified the numeric value >when calling a macro which is defined with a parameter for access permission. >As we know, these numeric value for access permission have had the >corresponding macro, >and that

Re: BUG: net/netfilter: KASAN: stack-out-of-bounds in tcp_packet

2016-03-28 Thread Jan Engelhardt
On Monday 2016-03-28 21:29, David Miller wrote: >>> > > @@ -3716,6 +3716,8 @@ void tcp_parse_options(const struct sk_buff *skb, >>> > > length--; >>> > > continue; >>> > > default: >>> > > +if (length < 2) >>> > > +return; >>> > >

RE: [PATCH 9/9] netfilter: implement xt_cgroup cgroup2 path match

2015-11-23 Thread Jan Engelhardt
On Monday 2015-11-23 18:35, David Laight wrote: >From: Florian Westphal >> Sent: 21 November 2015 16:56 >> > +struct xt_cgroup_info_v1 { >> > + charpath[PATH_MAX]; >> > + __u32 classid; >> > + >> > + /* kernel internal data */ >> > + void*priv

Re: [PATCH 9/9] netfilter: implement xt_cgroup cgroup2 path match

2015-11-21 Thread Jan Engelhardt
On Saturday 2015-11-21 19:54, Florian Westphal wrote: > >The only other question I have is wheter PATH_MAX might be a possible >ABI breaker in future. It would have to be guaranteed that this is the >same size forever, else you'd get strange errors on rule insertion if >the sizes of the kernel

Re: [PATCH 1/5] cgroup: record ancestor IDs and reimplement cgroup_is_descendant() using it

2015-11-17 Thread Jan Engelhardt
On Tuesday 2015-11-17 20:40, Tejun Heo wrote: >+static inline bool cgroup_is_descendant(struct cgroup *cgrp, >+ struct cgroup *ancestor) (const struct group *cgrp, const struct group *ancestor) >+{ >+ if (cgrp->root != ancestor->root || cgrp->level <

Re: [PATCH iptables] libxt_cgroup2: add support for cgroup2 path matching

2015-11-17 Thread Jan Engelhardt
On Tuesday 2015-11-17 20:42, Tejun Heo wrote: >+static void cgroup2_save(const void *ip, const struct xt_entry_match *match) >+{ >+ const struct xt_cgroup2_info *info = (void *)match->data; >+ >+ printf("%s --path %s", info->invert ? " !" : "", info->path); >+} Can cgroup path names

Re: [PATCH 2/5] kernfs: implement kernfs_walk_and_get()

2015-11-17 Thread Jan Engelhardt
On Tuesday 2015-11-17 22:20, David Miller wrote: >> +static char path_buf[PATH_MAX]; /* protected by kernfs_mutex */ >> +int len = strlen(path); > ... >> +if (len >= PATH_MAX) >> +return NULL; >> + >> +memcpy(path_buf, path, len + 1); > > static char

Re: [PATCH 5/5] netfilter: implement xt_cgroup2 match

2015-11-17 Thread Jan Engelhardt
On Tuesday 2015-11-17 20:40, Tejun Heo wrote: >@@ -0,0 +1,14 @@ >+#ifndef _XT_CGROUP2_H >+#define _XT_CGROUP2_H >+ >+#include >+ >+struct xt_cgroup2_info { >+ charpath[PATH_MAX]; >+ __u8invert; Should be included? (For PATH_MAX)

Re: [PATCH RFC 3/7] netfilter: add NF_INET_LOCAL_SOCKET_IN chain type

2015-09-30 Thread Jan Engelhardt
On Wednesday 2015-09-30 09:24, Daniel Mack wrote: > >> Drop? Makes no sense, else application would not be running in the first >> place. > >Of course you can drop certain packets at this point, depending on other >details. Say, for instance, you want to match all packets that are >received by a

Re: [ANNOUNCE] libnftnl 1.0.4 release

2015-09-16 Thread Jan Engelhardt
On Wednesday 2015-09-16 13:50, Pablo Neira Ayuso wrote: >The Netfilter project proudly presents: > >libnftnl 1.0.4 $ git diff libnftnl-1.0.3..libnftnl-1.0.4 src/libnftnl.map diff --git a/src/libnftnl.map b/src/libnftnl.map index be7b998..14ec88c 100644 --- a/src/libnftnl.map +++

[PATCH] build: must honor pkg-config flags for libmnl

2015-06-29 Thread Jan Engelhardt
The build otherwise fails if libmnl does not directly live in a standard search path. --- tipc/Makefile | 5 - 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/tipc/Makefile b/tipc/Makefile index 4bda8c5..d4637f8 100644 --- a/tipc/Makefile +++ b/tipc/Makefile @@ -5,8 +5,11 @@

Re: [PATCH 2/4] netfilter: default CONFIG_NETFILTER_INGRESS to y

2015-05-29 Thread Jan Engelhardt
On Friday 2015-05-29 01:44, Pablo Neira Ayuso wrote: Useful to compile-test all options. --- a/net/netfilter/Kconfig +++ b/net/netfilter/Kconfig @@ -3,6 +3,7 @@ menu Core Netfilter Configuration config NETFILTER_INGRESS bool Netfilter ingress support + default y select

lockdep warnings in ipv6

2008-02-24 Thread Jan Engelhardt
Hi, when doing IPv6 (ping6, ssh otherhost, etc.), lockdep spews a warning in 2.6.25-rc2 on the target. CONFIG_..._FRAME_POINTER is off, CONFIG_SCHED_NO_NO_OMIT_FRAME_POINTER=y # CONFIG_FRAME_POINTER is not set so I am not sure if the stack trace is worth something, is it? [ 449.168320]

Re: [NETFILTER]: Introduce nf_inet_address

2008-02-22 Thread Jan Engelhardt
On Feb 22 2008 16:44, Patrick McHardy wrote: Pablo Neira Ayuso wrote: Patrick McHardy wrote: Yes, that was a bug in the lastest release. We need to release a 1.4.1 version or something like that, but I'm not too familiar with the release process, so I haven't done this so far. I can

Re: [NETFILTER]: Introduce nf_inet_address

2008-02-20 Thread Jan Engelhardt
On Feb 19 2008 15:45, Patrick McHardy wrote: It's in busybox 1.9.1. Just including netinet/in.h seems to be sufficient to make it happy again. I wonder if netfilter.h should include that for itself? That would break iptables compilation, which already includes linux/in.h in some files. I

Re: [RFC PATCH 3/8] [NET]: uninline dev_alloc_skb, de-bloats a lot

2008-02-20 Thread Jan Engelhardt
On Feb 20 2008 15:47, Ilpo Järvinen wrote: -23668 392 funcs, 104 +, 23772 -, diff: -23668 --- dev_alloc_skb -static inline struct sk_buff *dev_alloc_skb(unsigned int length) -{ - return __dev_alloc_skb(length, GFP_ATOMIC); -} +extern struct sk_buff *dev_alloc_skb(unsigned int length);

Re: [RFC PATCH 3/8] [NET]: uninline dev_alloc_skb, de-bloats a lot

2008-02-20 Thread Jan Engelhardt
On Feb 20 2008 17:27, Patrick McHardy wrote: Striking. How can this even happen? A callsite which calls dev_alloc_skb(n) is just equivalent to __dev_alloc_skb(n, GFP_ATOMIC); which means there's like 4 (or 8 if it's long) bytes more on the stack. For a worst case, count in another

Netfilter fixes to 2.6.24-git

2008-02-10 Thread Jan Engelhardt
Hi to everyone, I have been unable to reach the netfilter and net maintainers the past week regarding inclusion of patches, but most importantly a group of fixes at [0]-[3]. I am kind of at a loss here but to turn up the volume and write to more people on how to proceed. thanks, Jan [0]

Re: [PATCH] Add IPv6 support to TCP SYN cookies

2008-02-05 Thread Jan Engelhardt
On Feb 5 2008 16:55, Andi Kleen wrote: On Mon, Feb 04, 2008 at 03:01:01PM -0800, Glenn Griffin wrote: Add IPv6 support to TCP SYN cookies. This is written and tested against 2.6.24, and applies cleanly to linus' current HEAD (d2fc0b). Unfortunately linus' HEAD breaks my sky2 card at the

Re: [1/2] POHMELFS - network filesystem with local coherent cache.

2008-01-31 Thread Jan Engelhardt
On Jan 31 2008 22:17, Evgeniy Polyakov wrote: POHMELFS stands for Parallel Optimized Host Message Exchange Layered File System. It allows to mount remote servers to local directory via network. This filesystem supports local caching and writeback flushing. POHMELFS is a brick in a future

Re: [PATCH] [SIS190] Constify data marked as __devinitdata

2008-01-30 Thread Jan Engelhardt
On Jan 30 2008 11:53, Jonas Bonn wrote: This fixes build error as gcc complains about a section type conflict due to the const __devinitdata in sis190_get_mac_addr_from_apc(). -static struct pci_device_id sis190_pci_tbl[] __devinitdata = { +static const struct pci_device_id sis190_pci_tbl[]

Re: [PATCH] [SIS190] Constify data marked as __devinitdata

2008-01-30 Thread Jan Engelhardt
On Jan 30 2008 12:25, Sam Ravnborg wrote: We have just introduced __initconst, __cpuinitconst, __meminitconst for const data. So the patch is wrong. Oh joy, more tags. Is it actually possible to combine const with __devinitconst now? static const uint16_t foo[] __devinitconst = { ... }; -- To

Re: Udev coldplugging loads 8139too driver instead of 8139cp

2008-01-29 Thread Jan Engelhardt
On Jan 29 2008 18:34, Jon Masters wrote: On Tue, 2008-01-29 at 03:46 +0300, Michael Tokarev wrote: Udev in fact loads both - 8139cp and 8139too. The difference is the ORDER in which it loads them - if for cp-handled hardware it first loads too, too will complain as above and will NOT claim

[PATCH] [AF_X25]: constify function pointer tables

2008-01-22 Thread Jan Engelhardt
Signed-off-by: Jan Engelhardt [EMAIL PROTECTED] --- net/x25/x25_proc.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/net/x25/x25_proc.c b/net/x25/x25_proc.c index 7d55e50..3faec8e 100644 --- a/net/x25/x25_proc.c +++ b/net/x25/x25_proc.c @@ -287,7 +287,7 @@ static const

[PATCH] [AF_RXRPC]: constify function pointer tables

2008-01-22 Thread Jan Engelhardt
Signed-off-by: Jan Engelhardt [EMAIL PROTECTED] --- net/rxrpc/ar-call.c |2 +- net/rxrpc/ar-internal.h |6 +++--- net/rxrpc/ar-proc.c |6 +++--- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/net/rxrpc/ar-call.c b/net/rxrpc/ar-call.c index 3c04b00..d923124

Re: [PATCH] IPv4: Enable use of 240/4 address space

2008-01-19 Thread Jan Engelhardt
broadcast address (vs subnet broadcast address, which can be forwarded by routers). From 84bccef295aa9754ee662191e32ba1d64edce2ba Mon Sep 17 00:00:00 2001 From: Jan Engelhardt [EMAIL PROTECTED] Date: Fri, 18 Jan 2008 02:10:44 +0100 Subject: [PATCH] IPv4: enable use of 240/4 address space This short

Re: [PATCH 001/001] ipv4: enable use of 240/4 address space

2008-01-17 Thread Jan Engelhardt
On Jan 7 2008 17:10, Vince Fuller wrote: --- net/ipv4/devinet.c.orig2007-04-12 10:16:23.0 -0700 +++ net/ipv4/devinet.c 2008-01-07 16:55:59.0 -0800 @@ -594,6 +594,8 @@ static __inline__ int inet_abc_len(__be3 rc = 16; else if

[PATCH] IPv4: Enable use of 240/4 address space

2008-01-17 Thread Jan Engelhardt
44762168d7cbefc4f8753a79d99a761cbd9875d9 Author: Jan Engelhardt [EMAIL PROTECTED] Date: Fri Jan 18 02:10:44 2008 +0100 IPv4: enable use of 240/4 address space This short patch modifies the IPv4 networking to enable use of the 240.0.0.0/4 (aka class-E) address space as propsed in the internet draft draft

Re: [PATCH] IPv4: Enable use of 240/4 address space

2008-01-17 Thread Jan Engelhardt
the name anyway, e.g., ipv6_is_limited_broadcast() or some something alike. === Author: Jan Engelhardt [EMAIL PROTECTED] Date: Fri Jan 18 02:51:34 2008 +0100 IPv4: enable use of 240/4 address space This short patch modifies the IPv4 networking to enable use of the 240.0.0.0/4 (aka

Re: [PATCH 001/001] ipv4: enable use of 240/4 address space

2008-01-12 Thread Jan Engelhardt
On Jan 11 2008 17:49, David Miller wrote: From: Vince Fuller [EMAIL PROTECTED] Date: Fri, 11 Jan 2008 09:29:15 -0800 I leave it up to you, the developers, to decide if you want to use these patches. Vince, please just ignore these turkeys who are dismissing your patch and respin it against

Re: sparc oops in ip_fast_csum

2008-01-05 Thread Jan Engelhardt
On Jan 6 2008 11:22, Herbert Xu wrote: @@ -271,6 +271,7 @@ static int raw_send_hdrinc(struct sock *sk, void *from, size_t length, int hh_len; struct iphdr *iph; struct sk_buff *skb; + unsigned int iphlen; int err; if (length rt-u.dst.dev-mtu) { @@

Re: After many hours all outbound connections get stuck in SYN_SENT

2007-12-20 Thread Jan Engelhardt
On Dec 20 2007 23:05, Ilpo Järvinen wrote: Given the fact that I've had this problem for so long, over a variety of networking hardware vendors and colo-facilities, this really sounds good to me. It will be challenging for me to justify a kernel core dump, but a simple patch to dump the

Re: After many hours all outbound connections get stuck in SYN_SENT

2007-12-19 Thread Jan Engelhardt
On Dec 19 2007 12:43, James Nichols wrote: On 12/19/07, Eric Dumazet [EMAIL PROTECTED] wrote: James Nichols a écrit : So you see outgoing SYN packets, but no SYN replies coming from the remote peer ? (you mention ACKS, but the first packet received from the remote peer should be a

Re: After many hours all outbound connections get stuck in SYN_SENT

2007-12-18 Thread Jan Engelhardt
On Dec 18 2007 21:37, Eric Dumazet wrote: If turning off tcp_sack makes the problem go away, why dont you turn it off all the time ? That would just be workaround. I welcome the efforts to track this; not all users have the time to do so. Disabling tcp_sack also disabled it kernel-wide,

Re: [PATCH net-2.6.25 1/8] Create ipv4_is_type(__be32 addr) functions

2007-12-17 Thread Jan Engelhardt
On Dec 13 2007 15:38, Joe Perches wrote: Change IPV4 specific macros LOOPBACK MULTICAST LOCAL_MCAST BADCLASS and ZERONET macros to inline functions ipv4_is_type(__be32 addr) Adds type safety and arguably some readability. Changes since last submission: Removed ipv4_addr_octets function Used

Re: [PATCH net-2.6.25 1/8] Create ipv4_is_type(__be32 addr) functions

2007-12-17 Thread Jan Engelhardt
On Dec 17 2007 14:43, David Miller wrote: On Dec 13 2007 15:38, Joe Perches wrote: +static inline bool ipv4_is_private_10(__be32 addr) +{ + return (addr htonl(0xff00)) == htonl(0x0a00); +} What are these functions needed for, even? There does not seem to be any code (at least

Re: [PATCHv6 iptables]Interface group match

2007-11-29 Thread Jan Engelhardt
On Nov 29 2007 17:27, Patrick McHardy wrote: The syntax name/0xmask is simply too strange for me. Then how about name/name with masks also defined in rt_ifgroup? The same question applies for marks of course. I would find that confusing, which is why the new xt_TOS only allows names when no

Re: netconsole=y and rtl8139=m

2007-11-20 Thread Jan Engelhardt
On Nov 20 2007 02:57, Mike Frysinger wrote: On Nov 20, 2007 2:17 AM, Jan Engelhardt [EMAIL PROTECTED] wrote: I get this during boot: [ 40.821740] netconsole: eth1 doesn't exist, aborting. Given that CONFIG_NETCONSOLE=y and CONFIG_8139TOO=m, I can imagine. Is there a way to get

Re: [PATCHv6 0/3] Interface group patches

2007-11-20 Thread Jan Engelhardt
On Nov 20 2007 14:14, Laszlo Attila Toth wrote: This is the 6th version of our interface group patches. The interface group value can be used to manage different interfaces at the same time such as in netfilter/iptables. I take it you could not use...? iptables -i iif1 -j dosomething

netconsole=y and rtl8139=m

2007-11-19 Thread Jan Engelhardt
Hi, I get this during boot: [ 40.821740] netconsole: eth1 doesn't exist, aborting. Given that CONFIG_NETCONSOLE=y and CONFIG_8139TOO=m, I can imagine. Is there a way to get this working without making 8139TOO=y or NETCONSOLE=m? thanks, Jan - To unsubscribe from this list: send the line

Re: [PATCH 2/2] netdrvr/ibmlana: move away from legacy MCA API

2007-10-29 Thread Jan Engelhardt
On Oct 29 2007 15:33, Jeff Garzik wrote: +#if 0 /* info available elsewhere, but this is kept for reference */ It is available in the git history, yes, is it still needed for reference? +static short ibmlana_adapter_ids[] __initdata = { + IBM_LANA_ID, + 0x +}; + +static char

Re: drivers/net/sunhme.c patch

2007-10-29 Thread Jan Engelhardt
On Oct 29 2007 15:10, David Miller wrote: On Oct 29 2007 08:54, Tom Southerland wrote: This patch provides a unique mac address for all interfaces for the Sun QFE card (non-sparc). It takes the base mac from the first interface and increments the mac address for the other interfaces.

Re: [RFD] iptables: mangle table obsoletes filter table

2007-10-20 Thread Jan Engelhardt
On Oct 20 2007 00:47, [EMAIL PROTECTED] wrote: Sure, the idea was to mark the filter table obsolete as to make people start using the mangle table to do their filtering for new setups. The filter table would then still be available for legacy/special setups. But this would only be

Re: [PATCH 2/2] Interface group match - netfilter part

2007-10-16 Thread Jan Engelhardt
On Oct 16 2007 10:30, Patrick McHardy wrote: +static int match(const struct sk_buff *skb, Potential symbol clash, name it ifgroup_match() for example. + const struct net_device *in, + const struct net_device *out, + const struct xt_match *match, + const void

Re: [RFD] iptables: mangle table obsoletes filter table

2007-10-12 Thread Jan Engelhardt
On Oct 12 2007 16:30, Al Boldi wrote: Jan Engelhardt wrote: On Oct 12 2007 00:31, Al Boldi wrote: With the existence of the mangle table, how useful is the filter table? A similar discussion was back in March 2007. http://marc.info/?l=netfilter-develm=117394977210823w=2 http://marc.info/?l

Re: [RFD] iptables: mangle table obsoletes filter table

2007-10-12 Thread Jan Engelhardt
On Oct 12 2007 15:48, Patrick McHardy wrote: The netlink based iptables successor I'm currently working on allows to dynamically create tables with user-specified priorities and built-in chains. The only built-in tables will be those that need extra processing (mangle/nat). So it should be

Re: [RFD] iptables: mangle table obsoletes filter table

2007-10-12 Thread Jan Engelhardt
On Oct 12 2007 00:31, Al Boldi wrote: With the existence of the mangle table, how useful is the filter table? A similar discussion was back in March 2007. http://marc.info/?l=netfilter-develm=117394977210823w=2 http://marc.info/?l=netfilter-develm=117400063907706w=2 in the end, my proposal was

Re: [PATCH] Move the definition of pr_err() into kernel.h

2007-09-15 Thread Jan Engelhardt
On Sep 12 2007 12:59, Stephen Hemminger wrote: Other pr_*() macros are already defined in kernel.h, but pr_err() was defined multiple times in several other places Signed-off-by: Emil Medve [EMAIL PROTECTED] pr_error seems better than pr_err Please add the full set: pr_alert

Re: [PATCH v3] Make the pr_*() family of macros in kernel.h complete

2007-09-12 Thread Jan Engelhardt
On Sep 12 2007 11:39, Emil Medve wrote: Other/Some pr_*() macros are already defined in kernel.h, but pr_err() was defined multiple times in several other places Note http://lkml.org/lkml/2007/8/4/30 . - To unsubscribe from this list: send the line unsubscribe netdev in the body of a message

Re: [PATCH] ipconfig.c: De-clutter IP configuration report

2007-09-10 Thread Jan Engelhardt
On Sep 10 2007 13:09, Maciej W. Rozycki wrote: The new code builds fine; no semantic changes. Please apply, Maciej patch-mips-2.6.23-rc5-20070904-ipconfig-printk-2 diff -up --recursive --new-file linux-mips-2.6.23-rc5-20070904.macro/net/ipv4/ipconfig.c

Re: Fwd: That whole Linux stealing our code thing

2007-09-02 Thread Jan Engelhardt
On Sep 1 2007 18:36, Theo de Raadt wrote: When companies have taken our wireless device drivers, many many of them have given changes and fixes back. Some maybe didn't, but that is OK. For companies it's ok, but for linux people it is not? (1) You do not know how much of the modifications

Re: [PATCH] net/, drivers/net/ , missing EXPERIMENTAL in menus

2007-08-31 Thread Jan Engelhardt
On Aug 31 2007 14:06, Jeff Garzik wrote: something like BROKEN, though, has *nothing* to do with maturity. a feature can be any of those maturity levels, and simultaneously be BROKEN. i consider BROKEN to be what i call a status, and different status levels might be the default of normal,

Re: Distributed storage. Mirroring to any number of devices.

2007-08-14 Thread Jan Engelhardt
On Aug 14 2007 20:29, Evgeniy Polyakov wrote: I'm pleased to announce second release of the distributed storage subsystem, which allows to form a storage on top of remote and local nodes, which in turn can be exported to another storage as a node to form tree-like storages. I'll be quick: what

Re: [RFD] Layering: Use-Case Composers (was: DRBD - what is it, anyways? [compare with e.g. NBD + MD raid])

2007-08-12 Thread Jan Engelhardt
On Aug 12 2007 13:35, Al Boldi wrote: Lars Ellenberg wrote: meanwhile, please, anyone interessted, the drbd paper for LinuxConf Eu 2007 is finalized. http://www.drbd.org/fileadmin/drbd/publications/ drbd8.linux-conf.eu.2007.pdf but it does give a good overview about what DRBD actually is,

Re: [RFD] Layering: Use-Case Composers (was: DRBD - what is it, anyways? [compare with e.g. NBD + MD raid])

2007-08-12 Thread Jan Engelhardt
On Aug 12 2007 09:39, [EMAIL PROTECTED] wrote: now, I am not an expert on either option, but three are a couple things that I would question about the DRDB+MD option 1. when the remote machine is down, how does MD deal with it for reads and writes? I suppose it kicks the drive and you'd

Re: TCP SACK issue, hung connection, tcpdump included

2007-07-29 Thread Jan Engelhardt
On Jul 29 2007 08:45, Willy Tarreau wrote: On Sun, Jul 29, 2007 at 06:59:26AM +0100, Darryl L. Miles wrote: CLIENT = Linux 2.6.20.1-smp [Customer build] SERVER = Linux 2.6.9-55.ELsmp [Red Hat Enterprise Linux AS release 4 (Nahant Update 5)] The problems start around time index

Re: [PATCH] CONFIG_NET=n - lots of link time errors

2007-07-22 Thread Jan Engelhardt
On Jul 21 2007 19:12, David Miller wrote: Enabling drivers from Devices Networking (in menuconfig), for example SLIP and/or PLIP, throws link time errors when CONFIG_NET itself is =n. Have CONFIG_NETDEVICES depend on CONFIG_NET. Signed-off-by: Jan Engelhardt [EMAIL PROTECTED

[PATCH] CONFIG_NET=n - lots of link time errors

2007-07-21 Thread Jan Engelhardt
CONFIG_NETDEVICES depend on CONFIG_NET. Signed-off-by: Jan Engelhardt [EMAIL PROTECTED] --- drivers/net/Kconfig |1 + 1 file changed, 1 insertion(+) Index: linux-2.6.23/drivers/net/Kconfig === --- linux-2.6.23.orig/drivers/net

Re: Scaling Max IP address limitation

2007-06-25 Thread Jan Engelhardt
On Jun 25 2007 11:47, Robert Iakobashvili wrote: I am getting after initial successes some errors: rtnl_talk(): RTNETLINK answers: Cannot allocate memory and #ip addr | wc-l is 8194. I'd be surprised if it was 4096 on x86 and 8192 on x86_64... Jan -- - To unsubscribe from this

Re: Scaling Max IP address limitation

2007-06-25 Thread Jan Engelhardt
On Jun 25 2007 12:41, Robert Iakobashvili wrote: I am getting after initial successes some errors: rtnl_talk(): RTNETLINK answers: Cannot allocate memory and #ip addr | wc-l is 8194. I'd be surprised if it was 4096 on x86 and 8192 on x86_64... Missed to mention: the CPU is Pentium-4.

Re: Scaling Max IP address limitation

2007-06-24 Thread Jan Engelhardt
On Jun 24 2007 15:08, Kyle Moffett wrote: Do you really need that many IP addresses? When somebody finally gets around to implementing REDIRECT support for ip6tables then you could just redirect them all to the same port on the local system. The way I see it, it's: if someone gets around to

DCCP: 2.6.22-rc5-git8 compile warning

2007-06-24 Thread Jan Engelhardt
git tree a06381fec77bf88ec6c5eb6324457cb04e9ffd69 (last commit ID) gives: /ws/linux-2.6.22/net/dccp/ipv4.c:589: warning: initialization from incompatible /ws/linux-2.6.22/net/dccp/ipv6.c:387: warning: initialization from incompatible [pointer type - `less` cut it off from the 80 col screen]

Re: DCCP: 2.6.22-rc5-git8 compile warning

2007-06-24 Thread Jan Engelhardt
git tree a06381fec77bf88ec6c5eb6324457cb04e9ffd69 (last commit ID) gives: /ws/linux-2.6.22/net/dccp/ipv4.c:589: warning: initialization from incompatible /ws/linux-2.6.22/net/dccp/ipv6.c:387: warning: initialization from incompatible Extra patches with quilt caused that. Sorry for the noise.

Re: Scaling Max IP address limitation

2007-06-24 Thread Jan Engelhardt
On Jun 24 2007 13:44, [EMAIL PROTECTED] wrote: On Jun 24 2007 15:08, Kyle Moffett wrote: Do you really need that many IP addresses? When somebody finally gets around to implementing REDIRECT support for ip6tables then you could just redirect them all to the same port on the local

Re: [PATCH] fix race in AF_UNIX

2007-06-18 Thread Jan Engelhardt
On Jun 18 2007 12:47, Alan Cox wrote: Do you want me to send the patch to Andrew instead? His attitude towards bugfixes is rather better ;) And it'll get NAKked and binned. DaveM is (as happens sometimes ;)) right to insist on the code being clean and efficient. Or see RFC 1925 number 7a.

Re: [PATCH] merge dst_discard in out into one, this decrements the vmlinux image by 21 bytes under i386 arch.

2007-05-28 Thread Jan Engelhardt
On May 28 2007 10:41, rae l wrote: diff --git a/net/core/dst.c b/net/core/dst.c index 764bccb..daa0439 100644 --- a/net/core/dst.c +++ b/net/core/dst.c @@ -111,17 +111,14 @@ out: spin_unlock(dst_lock); } -static int dst_discard_in(struct sk_buff *skb) +static int

Re: [patch 4/8] Use menuconfig objects: SCTP

2007-05-11 Thread Jan Engelhardt
On May 11 2007 10:12, Vlad Yasevich wrote: Brian Haley wrote: [EMAIL PROTECTED] wrote: diff -puN net/sctp/Kconfig~use-menuconfig-objects-sctp net/sctp/Kconfig --- a/net/sctp/Kconfig~use-menuconfig-objects-sctp +++ a/net/sctp/Kconfig @@ -2,11 +2,9 @@ # SCTP configuration # -menu SCTP

Re: [patch 08/13] Use menuconfig objects II - netdev (general+100mbit)

2007-05-11 Thread Jan Engelhardt
in menuconfig. Signed-off-by: Jan Engelhardt [EMAIL PROTECTED] Cc: Jeff Garzik [EMAIL PROTECTED] Signed-off-by: Andrew Morton [EMAIL PROTECTED] --- drivers/net/Kconfig | 167 -- drivers/net/arm/Kconfig | 12 +- drivers/net/fec_8xx/Kconfig |2 drivers

[PATCH 20/36] Use menuconfig objects II - netdev (general+100mbit)

2007-04-30 Thread Jan Engelhardt
CONFIG_NETDEVICES, CONFIG_NET_ETHERNET: Change Kconfig objects from menu, config into menuconfig so that the user can disable the whole feature without having to enter the menu first. CONFIG_SMC9194: Move it so that it appears correctly in menuconfig. Signed-off-by: Jan Engelhardt [EMAIL

[PATCH 21/36] Use menuconfig objects II - netdev/atm

2007-04-30 Thread Jan Engelhardt
Make a menuconfig out of the Kconfig objects menu, ..., endmenu, so that the user can disable all the options in that menu at once instead of having to disable each option separately. Signed-off-by: Jan Engelhardt [EMAIL PROTECTED] --- drivers/atm/Kconfig | 32

[PATCH 23/36] Use menuconfig objects II - netdev/wan

2007-04-30 Thread Jan Engelhardt
Change Kconfig objects from menu, config into menuconfig so that the user can disable the whole feature without having to enter the menu first. Signed-off-by: Jan Engelhardt [EMAIL PROTECTED] --- drivers/net/wan/Kconfig | 34 +++--- 1 file changed, 15 insertions

[PATCH 22/36] Use menuconfig objects II - netdev/pcmcia

2007-04-30 Thread Jan Engelhardt
Change Kconfig objects from menu, config into menuconfig so that the user can disable the whole feature without having to enter the menu first. Signed-off-by: Jan Engelhardt [EMAIL PROTECTED] --- drivers/net/pcmcia/Kconfig | 23 +++ 1 file changed, 7 insertions(+), 16

RE: [PATCH] IPROUTE: Modify tc for new PRIO multiqueue behavior

2007-04-26 Thread Jan Engelhardt
On Apr 25 2007 10:45, Waskiewicz Jr, Peter P wrote: BTW, is there any reason this is being cced to lkml? Since this change affects how tc interacts with the qdisc layer, I cced lkml. Fine with me, at least I get to know that tc could break :) Jan -- - To unsubscribe from this list: send

Re: [PATCH 20/30] Use menuconfig objects - ARCNET

2007-04-11 Thread Jan Engelhardt
On Apr 11 2007 10:30, Esben Nielsen wrote: On Tue, 10 Apr 2007, Jan Engelhardt wrote: (Wow, not a single MODULE_AUTHOR line in drivers/net/arcnet/ ...) ArcNet is old. Almost nobody is using it anymore. I used it at my former job, since we used it as control network. A lot of companies

[PATCH 17/30] Use menuconfig objects - IPVS

2007-04-10 Thread Jan Engelhardt
Use menuconfigs instead of menus, so the whole menu can be disabled at once instead of going through all options. Signed-off-by: Jan Engelhardt [EMAIL PROTECTED] Index: linux-2.6.21-rc5/net/ipv4/ipvs/Kconfig === --- linux

[PATCH 20/30] Use menuconfig objects - ARCNET

2007-04-10 Thread Jan Engelhardt
(Wow, not a single MODULE_AUTHOR line in drivers/net/arcnet/ ...) Use menuconfigs instead of menus, so the whole menu can be disabled at once instead of going through all options. Signed-off-by: Jan Engelhardt [EMAIL PROTECTED] Index: linux-2.6.21-rc5/drivers/net/arcnet/Kconfig

[PATCH 21/30] Use menuconfig objects - PHY

2007-04-10 Thread Jan Engelhardt
(No MAINTAINERS entry. MODULE_AUTHOR lines exist, but without addresses.) Use menuconfigs instead of menus, so the whole menu can be disabled at once instead of going through all options. Signed-off-by: Jan Engelhardt [EMAIL PROTECTED] Index: linux-2.6.21-rc5/drivers/net/phy/Kconfig

[PATCH 22/30] Use menuconfig objects - toeknring

2007-04-10 Thread Jan Engelhardt
Use menuconfigs instead of menus, so the whole menu can be disabled at once instead of going through all options. Signed-off-by: Jan Engelhardt [EMAIL PROTECTED] Index: linux-2.6.21-rc5/drivers/net/tokenring/Kconfig

Re: [PATCH 2/2] NET: Multiqueue network device support implementation.

2007-04-09 Thread Jan Engelhardt
Hi, On Apr 9 2007 14:28, Peter P Waskiewicz Jr wrote: @@ -3345,6 +3358,7 @@ void free_netdev(struct net_device *dev) { #ifdef CONFIG_SYSFS /* Compatibility with error handling in drivers */ + kfree((char *)dev-egress_subqueue); if (dev-reg_state == NETREG_UNINITIALIZED) {

Re: [RFC] div64_64 support

2007-02-26 Thread Jan Engelhardt
On Feb 23 2007 17:05, Stephen Hemminger wrote: Since there already two users of full 64 bit division in the kernel, and other places maybe hiding out as well. Add a full 64/64 bit divide. Yes this expensive, but there are places where it is necessary. It is not clear if doing the scaling buys

Re: [RFC] div64_64 support

2007-02-26 Thread Jan Engelhardt
On Feb 26 2007 13:28, Stephen Hemminger wrote: ./arch/arm26/lib/udivdi3.c ./arch/sh/lib/udivdi3.c ./arch/sparc/lib/udivdi3.S should not this be consolidated too? Hmm. Those are the GCC internal versions, that are picked up but doing divide in place. Do we want to allow general 64 bit in

Re: [RFC] div64_64 support

2007-02-26 Thread Jan Engelhardt
On Feb 26 2007 15:44, Stephen Hemminger wrote: - x = (2 * x + (uint32_t) div64_64(a, x*x)) / 3; + x = (2 * x + (u32) (a / x*x)) / 3; Previously there was div64_64(a, x*x) which is equivalent to (a)/(x*x), or just: a/(x^2). But now you do a/x*x, which is equivalent to

Re: [RFC] div64_64 support

2007-02-26 Thread Jan Engelhardt
caused a TCP congestion window bug that took 6 months before it was found... Hah, just as I expected. |On Tue, 27 Feb 2007 00:02:50 +0100 (MET), Jan Engelhardt wrote: |Then our reviewers should catch it, and if not, the janitors will. Jan -- - To unsubscribe from this list: send the line

Re: [PATCH]ip_auto_config bug in 2.6.20-rc6

2007-02-02 Thread Jan Engelhardt
On Feb 2 2007 14:09, Joakim Tjernlund wrote: On Thu, 2007-02-01 at 12:26 +0100, Joakim Tjernlund wrote: The following commandline: root=/dev/mtdblock6 rw rootfstype=jffs2 ip=192.168.1.10:::255.255.255.0:localhost.localdomain:eth1:off console=ttyS0,115200 makes ip_auto_config fall back to

Re: owner-Match in 2.6.20-rc5 (fwd)

2007-01-25 Thread Jan Engelhardt
The report below was posted on the netfilter user list. Isn't there any ill side effect by reverting the change? Performance regression :-( This optimization saves a whole handful of heavy atomic operations in the packet transmit path of TCP. As I understand it, the owner-Match is

  1   2   >