Hi Pablo,
I love your patch! Yet something to improve:
[auto build test ERROR on nf/master]
url:
https://github.com/0day-ci/linux/commits/Pablo-Neira-Ayuso/netfilter-add-nf_-tcp-udp-sctp-icmp-dccp-icmpv6-generic-_pernet/20181102-101813
base:
On Wed, Oct 31, 2018 at 07:18:04PM -0700, Matt Turner wrote:
> On Fri, Oct 19, 2018 at 11:09 AM Matt Turner wrote:
> > If you wouldn't mind, now might be a good time to make a 1.1.2
> > release. In the four months since 1.1.1 there are some important fixes
> > for oddball systems (big endian,
Otherwise, we hit a NULL pointer deference since handlers always assume
default timeout policy is passed.
netlink: 24 bytes leftover after parsing attributes in process `syz-executor2'.
kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
general
On Thu, Nov 01, 2018 at 11:32:50PM +0900, Taehee Yoo wrote:
> The libxt_rateest test is always failed because dependent command is not
> executed in netns.
> (@iptables -I INPUT -j RATEEST --rateest-name RE1 --rateest-interval \
> 250.0ms --rateest-ewmalog 500.0ms)
> After this path, adding netns
The libxt_rateest test is always failed because dependent command is not
executed in netns.
(@iptables -I INPUT -j RATEEST --rateest-name RE1 --rateest-interval \
250.0ms --rateest-ewmalog 500.0ms)
After this path, adding netns command is executed first.
Then test commands are executed.
Fixes:
Useful to only set a particular range of the conntrack mark while
leaving existing parts of the value alone, e.g. when updating
conntrack marks via netlink from userspace.
For NFQUEUE it was already implemented in commit
534473c6080e01395058445135df29a8eb638c77.
This now adds the same