Máté Eckl wrote:
> It is never used.
Applied, thanks.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
It is never used.
Signed-off-by: Máté Eckl
---
src/parser_bison.y | 1 -
1 file changed, 1 deletion(-)
diff --git a/src/parser_bison.y b/src/parser_bison.y
index ee3600d..dcd4683 100644
--- a/src/parser_bison.y
+++ b/src/parser_bison.y
@@ -181,7 +181,6 @@ int nft_lex(void *, void *, void *);
%
On Fri, May 04, 2018 at 12:06:32PM +0200, Arturo Borrero Gonzalez wrote:
> On 4 May 2018 at 11:49, Pablo Neira Ayuso wrote:
> >
> > +int nft_table_flush(struct nft_handle *h, const char *table)
> > +{
> > + struct nftnl_table *r;
> > + int ret = 0;
> > +
> > + nft_fn = nft_table_
Recognizing that the loginuid is an internal audit value, use an access
function to retrieve the audit loginuid value for the task rather than
reaching directly into the task struct to get it.
Signed-off-by: Richard Guy Briggs
---
kernel/auditsc.c | 16
1 file changed, 8 inserti
Use a macro, "AUDIT_SID_UNSET", to replace each instance of
initialization and comparison to an audit session ID.
Signed-off-by: Richard Guy Briggs
---
include/linux/audit.h | 2 +-
include/net/xfrm.h | 2 +-
include/uapi/linux/audit.h | 1 +
init/init_task.c | 2 +-
kerne
Group the audit parameters for each task into one structure.
In particular, remove the loginuid and sessionid values and the audit
context pointer from the task structure, replacing them with an audit
task information structure to contain them. Use access functions to
access audit values.
Note:
Recognizing that the audit context is an internal audit value, use an
access function to set the audit context pointer for the task
rather than reaching directly into the task struct to set it.
Signed-off-by: Richard Guy Briggs
---
include/linux/audit.h | 8
kernel/auditsc.c | 6 ++
Recognizing that the audit context is an internal audit value, use an
access function to retrieve the audit context pointer for the task
rather than reaching directly into the task struct to get it.
Signed-off-by: Richard Guy Briggs
---
include/linux/audit.h| 16 ---
incl
The audit-related parameters in struct task_struct should ideally be
collected together and accessed through a standard audit API.
Collect the existing loginuid, sessionid and audit_context together in a
new struct audit_task_info pointer called "audit" in struct task_struct.
Use kmem_cache to ma
removes following sparse error:
net/netfilter/core.c:598:30: warning: incorrect type in argument 1 (different
address spaces)
net/netfilter/core.c:598:30:expected struct nf_hook_entries **e
net/netfilter/core.c:598:30:got struct nf_hook_entries [noderef]
**
Signed-off-by: Florian Westpha
/linux/commits/Kristian-Evensen/netfilter-nf_queue-Replace-conntrack-entry/20180504-051218
base: https://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next.git master
config: x86_64-randconfig-s5-05041850 (attached as .config)
compiler: gcc-7 (Debian 7.3.0-16) 7.3.0
reproduce:
# save the
Hi Pablo,
[Sorry for the delay.]
On Fri, 27 Apr 2018, Pablo Neira Ayuso wrote:
> On Sat, Apr 21, 2018 at 01:43:48PM +0200, Jozsef Kadlecsik wrote:
> > Dominique Martinet reported a TCP hang problem when simultaneous open
> > was used. The problem is that the tcp_conntracks state table is not
>
On 4 May 2018 at 11:49, Pablo Neira Ayuso wrote:
>
> +int nft_table_flush(struct nft_handle *h, const char *table)
> +{
> + struct nftnl_table *r;
> + int ret = 0;
> +
> + nft_fn = nft_table_flush;
> +
> + r = nftnl_table_alloc();
> + if (r == NULL)
> +
The following snippet fails if user chain FOO exists, but it should not fail:
iptables-compat -F
iptables-compat -N FOO
iptables-compat-save > foo
iptables-compat-restore < foo
Reported-by: Florian Westphal
Signed-off-by: Pablo Neira Ayuso
---
iptables/nft-share
This is only needed by 3.16, which was released 8 months after nftables was
merged upstream. That kernel version supports a reduced featureset.
Signed-off-by: Pablo Neira Ayuso
---
iptables/nft.c | 157 +++--
iptables/nft.h | 3 --
2 files ch
Remove dead code that uses the ancient non-batch netlink API. Chains
are already purged out from table flush.
Signed-off-by: Pablo Neira Ayuso
---
iptables/nft-shared.h | 2 --
iptables/nft.c | 45 -
iptables/xtables-restore.c | 5 --
Conflicting definitions of struct ethhdr between the kernel and musl
libc provides headers causes a build failure:
In file included from .../usr/include/netinet/ether.h:8:0,
from useful_functions.c:28:
.../usr/include/netinet/if_ether.h:107:8: error: redefinition of ‘struct ethhdr
On Fri, May 4, 2018 at 1:23 AM, Jan Engelhardt wrote:
> On Thursday 2018-05-03 17:03, Yuri Gribov wrote:
>
>>Hi all,
>>
>>Here's the updated version of the patch.
>>
>>diff --git a/src/Makefile.am b/src/Makefile.am
>>index d0098cc..d91c9f7 100644
>>--- a/src/Makefile.am
>>+++ b/src/Makefile.am
>>@
18 matches
Mail list logo