[ulogd2 PATCH] ulogd: use a RT scheduler by default

Is common that ulogd runs in scenarios where a lot of packets are to be logged. If there are more packets than ulogd can handle, users can start seing log messages like this: ulogd[556]: We are losing events. Please, consider using the clauses \ `netlink_socket_buffer_size' and

Re: [PATCH] netfilter: xt_hashlimit: avoid 64-bit division

On Wed, Sep 06, 2017 at 10:48:22PM +0200, Arnd Bergmann wrote: > On Wed, Sep 6, 2017 at 10:22 PM, Vishwanath Pai wrote: > > On 09/06/2017 03:57 PM, Arnd Bergmann wrote: > >> 64-bit division is expensive on 32-bit architectures, and > >> requires a special function call to avoid a

Re: [PATCH] netfilter: xt_hashlimit: avoid 64-bit division

On Thu, Sep 7, 2017 at 12:19 PM, Pablo Neira Ayuso wrote: > On Wed, Sep 06, 2017 at 10:48:22PM +0200, Arnd Bergmann wrote: >> On Wed, Sep 6, 2017 at 10:22 PM, Vishwanath Pai wrote: >> > On 09/06/2017 03:57 PM, Arnd Bergmann wrote: >> >> 64-bit division is

Re: [PATCH] netfilter: xt_hashlimit: avoid 64-bit division

Hi Arnd, On Wed, Sep 6, 2017 at 9:57 PM, Arnd Bergmann wrote: > 64-bit division is expensive on 32-bit architectures, and > requires a special function call to avoid a link error like: > > net/netfilter/xt_hashlimit.o: In function `hashlimit_mt_common': >

[libnftnl PATCH] chain: Don't print unset policy value in netlink debug

The policy field was printed unconditionally, but if it wasn't set the default value 0 was printed as 'policy drop' which is not correct. Signed-off-by: Phil Sutter --- src/chain.c | 16 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/src/chain.c

WARN_ON() in __nf_hook_entries_try_shrink()

On shutdown I get this (edited down a bit to be more legible): Stopping firewalld - dynamic firewall daemon... NETFILTER_CFG table=nat family=2 entries=55 NETFILTER_CFG table=mangle family=2 entries=40 NETFILTER_CFG table=raw family=2 entries=28 NETFILTER_CFG table=security family=2

Re: WARN_ON() in __nf_hook_entries_try_shrink()

On Thu, 7 Sep 2017 17:01:12 -0700 Linus Torvalds wrote: > On shutdown I get this (edited down a bit to be more legible): > > Stopping firewalld - dynamic firewall daemon... > NETFILTER_CFG table=nat family=2 entries=55 > NETFILTER_CFG table=mangle family=2

[PATCH] netfilter: xt_hashlimit: fix build error caused by 64bit division

64bit division causes build/link errors on 32bit architectures. It prints out error messages like: ERROR: "__aeabi_uldivmod" [net/netfilter/xt_hashlimit.ko] undefined! The value of avg passed through by userspace in BYTE mode cannot exceed U32_MAX. Which means 64bit division in user2rate_bytes

[PATCH] net:netfilter alloc xt_byteslimit_htable with wrong size

From: Zhizhou Tian struct xt_byteslimit_htable used hlist_head, but alloc memory with sizeof(struct list_head) Change-Id: I75bc60e47e0823700d4303c9d763b7995e3b7bb3 Signed-off-by: Zhizhou Tian --- net/netfilter/xt_hashlimit.c | 4 ++-- 1 file

[PATCH v2] netfilter: xt_hashlimit: fix build error caused by 64bit division

64bit division causes build/link errors on 32bit architectures. It prints out error messages like: ERROR: "__aeabi_uldivmod" [net/netfilter/xt_hashlimit.ko] undefined! The value of avg passed through by userspace in BYTE mode cannot exceed U32_MAX. Which means 64bit division in user2rate_bytes