Re: [PATCH V2] audit: normalize NETFILTER_PKT (fwd)

.1487813996.git@redhat.com> Hi Richard, [auto build test WARNING on v4.9-rc8] [cannot apply to nf-next/master next-20170222] [if your patch is applied to the wrong git tree, please drop us a note to help improve the system] url: https://github.com/0day-ci/linux/commits/Richard-Guy-Brig

Re: [PATCH V2] audit: normalize NETFILTER_PKT

Richard Guy Briggs wrote: > Simplify and eliminate flipping in and out of message fields, relying on > nfmark > the way we do for audit_key. > > +struct nfpkt_par { > + int ipv; > + const void *saddr; > + const void *daddr; > + u8 proto; > +}; This is

[PATCH] uapi: stop including linux/sysctl.h in uapi/linux/netfilter.h

linux/netfilter.h is the last uapi header file that includes linux/sysctl.h but it does not depend on definitions provided by this essentially dead header file. Suggested-by: Eric W. Biederman Signed-off-by: Dmitry V. Levin ---

Re: [PATCH nft] src: revisit tcp options support

Pablo Neira Ayuso wrote: > Rework syntax, add tokens so we can extend the grammar more easily. > This has triggered several syntax changes with regards to the original > patch, specifically: > > tcp option sack0 left 1 > > There is no space between sack and the block

[PATCH nft] src: revisit tcp options support

Rework syntax, add tokens so we can extend the grammar more easily. This has triggered several syntax changes with regards to the original patch, specifically: tcp option sack0 left 1 There is no space between sack and the block number anymore, no more offset field, now they are a single

Re: [PATCH net-next 1/2] netfilter: nf_ct_expect: nf_ct_expect_related_report(): Return zero on success,

On Tue, Feb 21, 2017 at 03:25:21PM -0800, Jarno Rajahalme wrote: > Commit 4dee62b1 ("netfilter: nf_ct_expect: nf_ct_expect_insert() > returns void") inadvertently changed the successful return value of > nf_ct_expect_related_report() from 0 to 1, which caused openvswitch > conntrack integration