On Wed, 2017-02-01 at 15:48 -0800, Eric Dumazet wrote:
> On Wed, Feb 1, 2017 at 3:29 PM, Cong Wang wrote:
>
> > Not sure if it is better. The difference is caught up in
> > net_enable_timestamp(),
> > which is called setsockopt() path and sk_clone() path, so we could
On Wed, Feb 1, 2017 at 3:29 PM, Cong Wang wrote:
> Not sure if it is better. The difference is caught up in
> net_enable_timestamp(),
> which is called setsockopt() path and sk_clone() path, so we could be
> in netstamp_needed state for a long time too until user-space
On Wed, Feb 1, 2017 at 1:16 PM, Eric Dumazet wrote:
> On Wed, 2017-02-01 at 12:51 -0800, Cong Wang wrote:
>> On Tue, Jan 31, 2017 at 7:44 AM, Eric Dumazet wrote:
>> > On Mon, 2017-01-30 at 22:19 -0800, Cong Wang wrote:
>> >
>> >>
>> >> The context
On Wed, 2017-02-01 at 13:16 -0800, Eric Dumazet wrote:
> This would permanently leave the kernel in the netstamp_needed state.
>
> I would prefer the patch using a process context to perform the
> cleanup ? Note there is a race window, but probably not a big deal.
>
> net/core/dev.c | 30
On Wed, 2017-02-01 at 12:51 -0800, Cong Wang wrote:
> On Tue, Jan 31, 2017 at 7:44 AM, Eric Dumazet wrote:
> > On Mon, 2017-01-30 at 22:19 -0800, Cong Wang wrote:
> >
> >>
> >> The context is process context (TX path before hitting qdisc), and
> >> BH is not disabled, so
On Tue, Jan 31, 2017 at 7:44 AM, Eric Dumazet wrote:
> On Mon, 2017-01-30 at 22:19 -0800, Cong Wang wrote:
>
>>
>> The context is process context (TX path before hitting qdisc), and
>> BH is not disabled, so in_interrupt() doesn't catch it. Hmm, this
>> makes me thinking
From: Jiri Kosina
Commit 3bb398d925 ("netfilter: nf_ct_helper: disable automatic helper
assignment") is causing behavior regressions in firewalls, as traffic
handled by conntrack helpers is now by default not passed through even
though it was before due to missing CT targets
On Wed, 1 Feb 2017, Pablo Neira Ayuso wrote:
> > +{
> > + struct nf_conntrack_helper *ret;
> > +
> > + if (!net->ct.sysctl_auto_assign_helper) {
> > + if (net->ct.auto_assign_helper_warned)
> > + return NULL;
> > + if (!find_auto_helper(ct))
>
> This
On Mon, Jan 30, 2017 at 12:05:20PM -0200, Elise Lennion wrote:
> Because the rules are more legible this way. Also, the parser doesn't
> accept strings on ranges, so, printing ranges numerically better match
> the rules definition.
>
> Fixes(Bug 1046 - mobility header with range gives illegible
On Mon, Jan 30, 2017 at 11:30:16AM +0100, Xose Vazquez Perez wrote:
> Sync with latest OpenBSD release.
> Changelog: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/etc/pf.os
Applied, thanks Xose.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message
On Fri, Jan 27, 2017 at 12:38:46PM -0800, Kevin Cernekee wrote:
> According to valgrind, this currently leaks ~512B to 2kB for each
> packet sent to the userspace helper.
Applied, thanks!
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to
11 matches
Mail list logo