Hello,
On Tue, Jun 12, 2018 at 7:23 PM, Pablo Neira Ayuso wrote:
> On Tue, Jun 12, 2018 at 03:21:35PM +0200, Florian Westphal wrote:
>> Harsha Sharma wrote:
>> > +ctnl_timeout_parse_policy(void *timeouts,
>> > + const struct nf_conntrack_l4proto *l4proto,
>> > +
Pablo Neira Ayuso wrote:
> > Unrelated to your patch: I think timeout handling is braindead
> > in current conntrack, we should revisit this.
>
> By now, I think it's fine as is, I mean using the template, so
> Harsha/someone else can have a look at this in a second step.
Yes, sure. Its on my
On Tue, Jun 12, 2018 at 03:21:35PM +0200, Florian Westphal wrote:
> Harsha Sharma wrote:
> > +ctnl_timeout_parse_policy(void *timeouts,
> > + const struct nf_conntrack_l4proto *l4proto,
> > + struct net *net, const struct nlattr *attr)
> > +{
> > + int
Harsha Sharma wrote:
> +ctnl_timeout_parse_policy(void *timeouts,
> + const struct nf_conntrack_l4proto *l4proto,
> + struct net *net, const struct nlattr *attr)
> +{
> + int ret = 0;
> + struct nlattr **tb;
> +
> + if
Hi Harsha,
Thank you for the patch! Perhaps something to improve:
[auto build test WARNING on nf-next/master]
url:
https://github.com/0day-ci/linux/commits/Harsha-Sharma/netfilter-nft_ct-add-ct-timeout-support/20180612-061838
base:
Hi Harsha,
Thank you for the patch! Yet something to improve:
[auto build test ERROR on nf-next/master]
url:
https://github.com/0day-ci/linux/commits/Harsha-Sharma/netfilter-nft_ct-add-ct-timeout-support/20180612-061838
base:
Hello,
On Tue, Jun 12, 2018 at 12:17 AM, Harsha Sharma
wrote:
> This patch allows to add, list and delete connection tracking timeout
> policies via nft objref infrastructure and assigning these timeout
> via nft rule.
>
> Ruleset:
>
> table ip raw {
>ct timeout cttime {
>protocol
This patch allows to add, list and delete connection tracking timeout
policies via nft objref infrastructure and assigning these timeout
via nft rule.
Ruleset:
table ip raw {
ct timeout cttime {
protocol tcp
established 111 close 13
l3proto ip
}
chain output {